Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2ff4a66db7bd12aa1dce3d0a249b3ba7cd32bbd5c4bc09dfe8db290b6ccfd63b

  • Size

    147KB

  • Sample

    221006-a63xgagad7

  • MD5

    3543ec2fc678d8a2794afacde20716af

  • SHA1

    ea25df49137b7cccc5f50242565f4481cb65c062

  • SHA256

    2ff4a66db7bd12aa1dce3d0a249b3ba7cd32bbd5c4bc09dfe8db290b6ccfd63b

  • SHA512

    f5d64ef579377dc207d7e98b70a25a08e71ccc7035896923beb44a011d242b31d2e03412c167a1cc4a7f1a2032e4684e3c056e64b9ed487aa0dc810fd1808ec9

  • SSDEEP

    1536:RdsRBiRTOkWw0hRChf5QBf+WwG2rD89d8+jhIZV1iwXHB1kCVXAZMOVaD7mFFo34:RaRBeIihfguydFhIZVgWRZEM8afmPjO

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      2ff4a66db7bd12aa1dce3d0a249b3ba7cd32bbd5c4bc09dfe8db290b6ccfd63b

    • Size

      147KB

    • MD5

      3543ec2fc678d8a2794afacde20716af

    • SHA1

      ea25df49137b7cccc5f50242565f4481cb65c062

    • SHA256

      2ff4a66db7bd12aa1dce3d0a249b3ba7cd32bbd5c4bc09dfe8db290b6ccfd63b

    • SHA512

      f5d64ef579377dc207d7e98b70a25a08e71ccc7035896923beb44a011d242b31d2e03412c167a1cc4a7f1a2032e4684e3c056e64b9ed487aa0dc810fd1808ec9

    • SSDEEP

      1536:RdsRBiRTOkWw0hRChf5QBf+WwG2rD89d8+jhIZV1iwXHB1kCVXAZMOVaD7mFFo34:RaRBeIihfguydFhIZVgWRZEM8afmPjO

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks