Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ab2f920e3e61642a0e97279402e41cd91ded22a9c20a548f28b61532d066ab5b

  • Size

    197KB

  • Sample

    220925-cp1f5aebdm

  • MD5

    53b2f535388f0c4e09f0a8d883bc03fb

  • SHA1

    594eb5c7969e7c95f2b2838dff407c46e8148921

  • SHA256

    ab2f920e3e61642a0e97279402e41cd91ded22a9c20a548f28b61532d066ab5b

  • SHA512

    23ee850705f59366c5e86967b2bf1baf28c482163b4d27dff4b8fff175e3f21cdced1b5fb4403be06aebcf766aadf14b7baf0395d4474d41c118b3254db22a5c

  • SSDEEP

    3072:DW5jBLPEMQOdN5Il5tjbdRkbnuVUo+me6YGEpBczg3/PkkXx:WLHQOihxRGzoEmg

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      ab2f920e3e61642a0e97279402e41cd91ded22a9c20a548f28b61532d066ab5b

    • Size

      197KB

    • MD5

      53b2f535388f0c4e09f0a8d883bc03fb

    • SHA1

      594eb5c7969e7c95f2b2838dff407c46e8148921

    • SHA256

      ab2f920e3e61642a0e97279402e41cd91ded22a9c20a548f28b61532d066ab5b

    • SHA512

      23ee850705f59366c5e86967b2bf1baf28c482163b4d27dff4b8fff175e3f21cdced1b5fb4403be06aebcf766aadf14b7baf0395d4474d41c118b3254db22a5c

    • SSDEEP

      3072:DW5jBLPEMQOdN5Il5tjbdRkbnuVUo+me6YGEpBczg3/PkkXx:WLHQOihxRGzoEmg

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks