Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    10ae46eadf8b64fcd1d61d570184f273264bc1db70cdd3f8f8433704b005d650

  • Size

    186KB

  • Sample

    221123-jzg6vsgc63

  • MD5

    63ae553e3dbe71c1591f8f41604c83d4

  • SHA1

    fe6fffcce1f5307d5c547a1e7c2e36339adb34fb

  • SHA256

    10ae46eadf8b64fcd1d61d570184f273264bc1db70cdd3f8f8433704b005d650

  • SHA512

    e59c325efca71c97df9d12a23c7a8f318deee7488cf1dcbf9f490dc6576b8158b9010d66606a2f5646181c0eeda5112f8e19a9235a2de342bb0d71beff2ebf74

  • SSDEEP

    3072:ABkAp3Wx2uGL2JHDWWzD5af+q0MF6dSGxLeX9/AoWfOUIlolc9C:HANHL2JHDxdWhG9eXlAoWWNq5

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      10ae46eadf8b64fcd1d61d570184f273264bc1db70cdd3f8f8433704b005d650

    • Size

      186KB

    • MD5

      63ae553e3dbe71c1591f8f41604c83d4

    • SHA1

      fe6fffcce1f5307d5c547a1e7c2e36339adb34fb

    • SHA256

      10ae46eadf8b64fcd1d61d570184f273264bc1db70cdd3f8f8433704b005d650

    • SHA512

      e59c325efca71c97df9d12a23c7a8f318deee7488cf1dcbf9f490dc6576b8158b9010d66606a2f5646181c0eeda5112f8e19a9235a2de342bb0d71beff2ebf74

    • SSDEEP

      3072:ABkAp3Wx2uGL2JHDWWzD5af+q0MF6dSGxLeX9/AoWfOUIlolc9C:HANHL2JHDxdWhG9eXlAoWWNq5

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Deletes itself

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks