Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    351b342b3cfc481a15e8b12039cc3330cab35c4f0a8545aee24c24ce33b20bc3

  • Size

    188KB

  • Sample

    221124-jx7nqsdc7v

  • MD5

    b591c5aa36bedb9a2a45970b4b0276c3

  • SHA1

    96a13be47f590abd220dd9b4e5cf52a3fa24486e

  • SHA256

    351b342b3cfc481a15e8b12039cc3330cab35c4f0a8545aee24c24ce33b20bc3

  • SHA512

    ff0baee6975e99395fdac68968d897d7f73d44ffc36f2cace75e314449b4c8498d83b8853b185f2747a36f1374468549114702d0621b081d44d044f2966fe594

  • SSDEEP

    3072:IyriBnkx6IDBCeLwTCuZUpZ+5n8gyZE+SYr/EnVycAZGIbQrrJx0:liYweLw+uZ0iyDsu+Q

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      351b342b3cfc481a15e8b12039cc3330cab35c4f0a8545aee24c24ce33b20bc3

    • Size

      188KB

    • MD5

      b591c5aa36bedb9a2a45970b4b0276c3

    • SHA1

      96a13be47f590abd220dd9b4e5cf52a3fa24486e

    • SHA256

      351b342b3cfc481a15e8b12039cc3330cab35c4f0a8545aee24c24ce33b20bc3

    • SHA512

      ff0baee6975e99395fdac68968d897d7f73d44ffc36f2cace75e314449b4c8498d83b8853b185f2747a36f1374468549114702d0621b081d44d044f2966fe594

    • SSDEEP

      3072:IyriBnkx6IDBCeLwTCuZUpZ+5n8gyZE+SYr/EnVycAZGIbQrrJx0:liYweLw+uZ0iyDsu+Q

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks