Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e583878f0974903860253b100c69b71aa4bafcb34567ebb60ee53af6900d91bb

  • Size

    184KB

  • Sample

    221130-lz9l8aac79

  • MD5

    cb57d4933a6d9ce877f27b034a3b0332

  • SHA1

    af274db3e0a20fbd23637aa6129bfdf8ca6ed709

  • SHA256

    e583878f0974903860253b100c69b71aa4bafcb34567ebb60ee53af6900d91bb

  • SHA512

    db1d5bf204efe872c1dc1ea69156f821c5d0bcbf569859d39314cb67d6b17648fe0243b068f95dec8d20ce274cd997d7e2bb3e2a490abfbd972ad26eb0651f23

  • SSDEEP

    3072:9DoMRLPAxgsIK5hz5r8k7wmL9BI2HyNsWsDL90LYZcEJ:6M+xgklh7dHHBV08

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      e583878f0974903860253b100c69b71aa4bafcb34567ebb60ee53af6900d91bb

    • Size

      184KB

    • MD5

      cb57d4933a6d9ce877f27b034a3b0332

    • SHA1

      af274db3e0a20fbd23637aa6129bfdf8ca6ed709

    • SHA256

      e583878f0974903860253b100c69b71aa4bafcb34567ebb60ee53af6900d91bb

    • SHA512

      db1d5bf204efe872c1dc1ea69156f821c5d0bcbf569859d39314cb67d6b17648fe0243b068f95dec8d20ce274cd997d7e2bb3e2a490abfbd972ad26eb0651f23

    • SSDEEP

      3072:9DoMRLPAxgsIK5hz5r8k7wmL9BI2HyNsWsDL90LYZcEJ:6M+xgklh7dHHBV08

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Web Service

1
T1102

Impact

Tasks