Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c59d96ba9fa006d1cb90b9cc650f9b56cdf88cd56dcf5f0375cd54afaaa5bd0b

  • Size

    145KB

  • Sample

    221006-dpslysgdgk

  • MD5

    c9baf3fdcc4fe10d9be46cf41ec65ce6

  • SHA1

    d1b54cacf1c6005563032698fef54ab9fae35606

  • SHA256

    c59d96ba9fa006d1cb90b9cc650f9b56cdf88cd56dcf5f0375cd54afaaa5bd0b

  • SHA512

    3f37b0e21f2cf3a3c6f25e725a6e12eaf1f7d8c78cee98415e5a01ef83502c9f86a504990024e21b1307f448838389e96a620e4c02b69257339aac58c85ec495

  • SSDEEP

    1536:nuqVi0rla1ikEhfRYjg1D29SyqreamdNOS8A3sTMk7y9oZAJady1ZWFQZhoDw/Oi:nuqVxjhfouDzprAIS8AcdO9spOWEhXO

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      c59d96ba9fa006d1cb90b9cc650f9b56cdf88cd56dcf5f0375cd54afaaa5bd0b

    • Size

      145KB

    • MD5

      c9baf3fdcc4fe10d9be46cf41ec65ce6

    • SHA1

      d1b54cacf1c6005563032698fef54ab9fae35606

    • SHA256

      c59d96ba9fa006d1cb90b9cc650f9b56cdf88cd56dcf5f0375cd54afaaa5bd0b

    • SHA512

      3f37b0e21f2cf3a3c6f25e725a6e12eaf1f7d8c78cee98415e5a01ef83502c9f86a504990024e21b1307f448838389e96a620e4c02b69257339aac58c85ec495

    • SSDEEP

      1536:nuqVi0rla1ikEhfRYjg1D29SyqreamdNOS8A3sTMk7y9oZAJady1ZWFQZhoDw/Oi:nuqVxjhfouDzprAIS8AcdO9spOWEhXO

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

3
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

3
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks