Overview

overview

10

Static

static

dridex

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    37facf65484ca63d7ea6a63c346b132b1f716698314e6ab58b6acada8e443bb3

  • Size

    213KB

  • Sample

    230105-yykmxsgf91

  • MD5

    78ea9ce8fed96c56b70727f1abd7843e

  • SHA1

    866efc41348b3ea94c38084b1af3bd6a3ad3eab1

  • SHA256

    37facf65484ca63d7ea6a63c346b132b1f716698314e6ab58b6acada8e443bb3

  • SHA512

    ff5d07a136663a237ba292aaca11e4b907585ec62295e30d67cd0302572788b57fbad7544f5ff43c2cff8105ea30f62e81b5000eda4183c79bcb045dba541a86

  • SSDEEP

    3072:70XhUmgSkL+n9rPTvWoZ5l8KCwozI05HEz7NoU8:7wUPL+n9vWoh8MraH0W

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      37facf65484ca63d7ea6a63c346b132b1f716698314e6ab58b6acada8e443bb3

    • Size

      213KB

    • MD5

      78ea9ce8fed96c56b70727f1abd7843e

    • SHA1

      866efc41348b3ea94c38084b1af3bd6a3ad3eab1

    • SHA256

      37facf65484ca63d7ea6a63c346b132b1f716698314e6ab58b6acada8e443bb3

    • SHA512

      ff5d07a136663a237ba292aaca11e4b907585ec62295e30d67cd0302572788b57fbad7544f5ff43c2cff8105ea30f62e81b5000eda4183c79bcb045dba541a86

    • SSDEEP

      3072:70XhUmgSkL+n9rPTvWoZ5l8KCwozI05HEz7NoU8:7wUPL+n9vWoh8MraH0W

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks