Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    afe397349912cff8044a95b3c5ec89643097044798490c366b36c4921553453e

  • Size

    235KB

  • Sample

    221230-j7ncvafc36

  • MD5

    5c242afb9e98da06edad4d5750b058bb

  • SHA1

    08c077e72a96552ace13b263bcc9faa694d39465

  • SHA256

    afe397349912cff8044a95b3c5ec89643097044798490c366b36c4921553453e

  • SHA512

    697283c8a5001c4732313add8136ea1517510737f2ad5e93c9e29d09e23a9afd090851f331a8299c076d7f0eab4ef9e65afc3e984682e8b6442aee9aadd13e2c

  • SSDEEP

    3072:urtL6TRWVqKlDfdiqwl/8b0sa1mLU8y5/LU8y5Fjwx3qB6xuqqb53y1teM:uL6qqKljdUlwho5orsRVx3E5

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      afe397349912cff8044a95b3c5ec89643097044798490c366b36c4921553453e

    • Size

      235KB

    • MD5

      5c242afb9e98da06edad4d5750b058bb

    • SHA1

      08c077e72a96552ace13b263bcc9faa694d39465

    • SHA256

      afe397349912cff8044a95b3c5ec89643097044798490c366b36c4921553453e

    • SHA512

      697283c8a5001c4732313add8136ea1517510737f2ad5e93c9e29d09e23a9afd090851f331a8299c076d7f0eab4ef9e65afc3e984682e8b6442aee9aadd13e2c

    • SSDEEP

      3072:urtL6TRWVqKlDfdiqwl/8b0sa1mLU8y5/LU8y5Fjwx3qB6xuqqb53y1teM:uL6qqKljdUlwho5orsRVx3E5

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks