General

  • Target

    2676374e6bf6ba1f7fe417c99474fc917ca218447f7ac59a8d2fc8de1a600a78

  • Size

    285KB

  • Sample

    221030-ve7fssagh2

  • MD5

    0550b85844aa024fbbeead0e481d6a4e

  • SHA1

    aa4bd72b5f1ac3deeb01d778611ff9175a4d5e3b

  • SHA256

    2676374e6bf6ba1f7fe417c99474fc917ca218447f7ac59a8d2fc8de1a600a78

  • SHA512

    1c9f766bb47f065a233ea63e56673c552553a5c0e3bccbf24041d990bba4d9232c50f21354318e11f25d7f75a70b0a752c6453d3d9a66b6e00e4a8fc4b0e51af

  • SSDEEP

    3072:4vzT6rUfvb/LC0H6B5ZpVes+JcSJr+ZlL7TmS1d3vP6apldnhM/h3:NrUfvb/LC0H6FUJlG7JDvPPpldh

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence check.

MITRE ATT&CK Enterprise v6

Tasks