Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e5735a9db98719d3dca5f0f18a59413dd31c015e58c9dd78073b4c5d10318b9d

  • Size

    139KB

  • Sample

    221129-311jdadg8t

  • MD5

    19b946e86c8461af6d9a1e5be8af9aa6

  • SHA1

    459e41f7b4756cbe8139ab4525abc2befc631e17

  • SHA256

    e5735a9db98719d3dca5f0f18a59413dd31c015e58c9dd78073b4c5d10318b9d

  • SHA512

    2544202fcf8c411051138f2e9730ddbf267cf2601229517f32b6ffef608b647f7e75622594bf2483edf5443ebb9c885653fc52f290bfb1898a90ac7cc5fa1f15

  • SSDEEP

    1536:lpu4abLoG+fFVsQmVr5lJUFgeZ3hyZhbFnzw6MamLcYho3SikNJHFV5VfL+X4lD:nTutr5PUBZmPUN2Y6CHNhLRl

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      e5735a9db98719d3dca5f0f18a59413dd31c015e58c9dd78073b4c5d10318b9d

    • Size

      139KB

    • MD5

      19b946e86c8461af6d9a1e5be8af9aa6

    • SHA1

      459e41f7b4756cbe8139ab4525abc2befc631e17

    • SHA256

      e5735a9db98719d3dca5f0f18a59413dd31c015e58c9dd78073b4c5d10318b9d

    • SHA512

      2544202fcf8c411051138f2e9730ddbf267cf2601229517f32b6ffef608b647f7e75622594bf2483edf5443ebb9c885653fc52f290bfb1898a90ac7cc5fa1f15

    • SSDEEP

      1536:lpu4abLoG+fFVsQmVr5lJUFgeZ3hyZhbFnzw6MamLcYho3SikNJHFV5VfL+X4lD:nTutr5PUBZmPUN2Y6CHNhLRl

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Downloads MZ/PE file

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks