Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    55a61a529e338a8989a73d13b81ef0dc8b95313cec5a2edea0cdf24e2da0038c

  • Size

    186KB

  • Sample

    221123-jz6t8abf6w

  • MD5

    8a3fcb6df3e213a1f07cd636dd5bff67

  • SHA1

    bd795ccf151bb239de0ec874efa6d1e403807fb5

  • SHA256

    55a61a529e338a8989a73d13b81ef0dc8b95313cec5a2edea0cdf24e2da0038c

  • SHA512

    11daf71beb9d0f5987fb0e8b3080d906068f8b16d03c065d5c04bf704da45d6bb061523087bcfe4b926aa9ad7cd506fe085dcfe26f102c709d13deefc6b7805e

  • SSDEEP

    3072:QBIEivjE31LqnAWYID5Fn2itWdjAnv8dF1sWW55sKKGV:jE2MLqnA7ODWtAEX9a5h

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      55a61a529e338a8989a73d13b81ef0dc8b95313cec5a2edea0cdf24e2da0038c

    • Size

      186KB

    • MD5

      8a3fcb6df3e213a1f07cd636dd5bff67

    • SHA1

      bd795ccf151bb239de0ec874efa6d1e403807fb5

    • SHA256

      55a61a529e338a8989a73d13b81ef0dc8b95313cec5a2edea0cdf24e2da0038c

    • SHA512

      11daf71beb9d0f5987fb0e8b3080d906068f8b16d03c065d5c04bf704da45d6bb061523087bcfe4b926aa9ad7cd506fe085dcfe26f102c709d13deefc6b7805e

    • SSDEEP

      3072:QBIEivjE31LqnAWYID5Fn2itWdjAnv8dF1sWW55sKKGV:jE2MLqnA7ODWtAEX9a5h

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks