Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    32aa10810985d2bb73d515ca8dfd54bebd9e3b3696dd95b2ee2f76374283eb77

  • Size

    146KB

  • Sample

    221129-zbnazagh2z

  • MD5

    f0e99980a9097a15a7ee8bd566683a56

  • SHA1

    bc99e399cf0f421bec4aac0afb1214dc99215b0d

  • SHA256

    32aa10810985d2bb73d515ca8dfd54bebd9e3b3696dd95b2ee2f76374283eb77

  • SHA512

    4b9933770fed08700d7caee92da27ae86b0ac7053fb06bf2137db5949caabee73bc7b14cada24c1be37754cb9b502cbccc22ae23542ed3ca799c97cac84d8d65

  • SSDEEP

    3072:dD5YVbvU122Np5i/SiqmBS9h3el/Jc8o437Vg37:UVA12D/t7S9h6/28l747

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      32aa10810985d2bb73d515ca8dfd54bebd9e3b3696dd95b2ee2f76374283eb77

    • Size

      146KB

    • MD5

      f0e99980a9097a15a7ee8bd566683a56

    • SHA1

      bc99e399cf0f421bec4aac0afb1214dc99215b0d

    • SHA256

      32aa10810985d2bb73d515ca8dfd54bebd9e3b3696dd95b2ee2f76374283eb77

    • SHA512

      4b9933770fed08700d7caee92da27ae86b0ac7053fb06bf2137db5949caabee73bc7b14cada24c1be37754cb9b502cbccc22ae23542ed3ca799c97cac84d8d65

    • SSDEEP

      3072:dD5YVbvU122Np5i/SiqmBS9h3el/Jc8o437Vg37:UVA12D/t7S9h6/28l747

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks