Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Resubmissions

05-10-2022 20:36

221005-zdv4lafef2 10

05-10-2022 20:14

221005-y1ffzsfgak 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d984d9e4684f993cd6b48cac05816616f5eec2ff6d6fe8785fe076f0eec79ef0

  • Size

    270KB

  • Sample

    221005-y1ffzsfgak

  • MD5

    f7e78f6e1cb5fca7e70ba5ecd1764313

  • SHA1

    63f3bd66f0812ef9becbde93305b42797ec7ee87

  • SHA256

    d984d9e4684f993cd6b48cac05816616f5eec2ff6d6fe8785fe076f0eec79ef0

  • SHA512

    8115c2f0c40d54952639f2c1ef39604ebf010fc8f0987a5f73ac234ea898715063e108d925b6baf03b8dcc852a16981d79108b21aa422f702d12d672e805770c

  • SSDEEP

    6144:8qjNwNLb4Uyrq/3Ok3g7ruzbgwuCEFFPvNwVfUPk:8q0/4UAq/3Ok6unnyFPvzc

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      d984d9e4684f993cd6b48cac05816616f5eec2ff6d6fe8785fe076f0eec79ef0

    • Size

      270KB

    • MD5

      f7e78f6e1cb5fca7e70ba5ecd1764313

    • SHA1

      63f3bd66f0812ef9becbde93305b42797ec7ee87

    • SHA256

      d984d9e4684f993cd6b48cac05816616f5eec2ff6d6fe8785fe076f0eec79ef0

    • SHA512

      8115c2f0c40d54952639f2c1ef39604ebf010fc8f0987a5f73ac234ea898715063e108d925b6baf03b8dcc852a16981d79108b21aa422f702d12d672e805770c

    • SSDEEP

      6144:8qjNwNLb4Uyrq/3Ok3g7ruzbgwuCEFFPvNwVfUPk:8q0/4UAq/3Ok6unnyFPvzc

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Deletes itself

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks