Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    aed1f3edd0723133233b66460663fda4401bacb660e0381cbaeca93a544b9b68

  • Size

    274KB

  • Sample

    221128-sze6yade62

  • MD5

    1c9b88d959c34d2c4367661eb8309710

  • SHA1

    3173eb6e1faed2728c98db0790b2874f78f22b1a

  • SHA256

    aed1f3edd0723133233b66460663fda4401bacb660e0381cbaeca93a544b9b68

  • SHA512

    fa6f38513d987da5ab0ac263fa7c4ae9457e41c2c0725607c33549ecfb570508148ccf4e5c4c247dfdc9396d3b0b9e65c8fd4e999163b610ed5f756dc4d34427

  • SSDEEP

    6144:myGEuO434Y+PpyKKtepKc4FH6dVIVFvg4/FQF:QEuOhY+PpkepT4FHpDgSm

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      aed1f3edd0723133233b66460663fda4401bacb660e0381cbaeca93a544b9b68

    • Size

      274KB

    • MD5

      1c9b88d959c34d2c4367661eb8309710

    • SHA1

      3173eb6e1faed2728c98db0790b2874f78f22b1a

    • SHA256

      aed1f3edd0723133233b66460663fda4401bacb660e0381cbaeca93a544b9b68

    • SHA512

      fa6f38513d987da5ab0ac263fa7c4ae9457e41c2c0725607c33549ecfb570508148ccf4e5c4c247dfdc9396d3b0b9e65c8fd4e999163b610ed5f756dc4d34427

    • SSDEEP

      6144:myGEuO434Y+PpyKKtepKc4FH6dVIVFvg4/FQF:QEuOhY+PpkepT4FHpDgSm

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks