General

  • Target

    acdb7a96617754bd48192b679466645840cc3600c78fff2931e827ce0e415b09

  • Size

    327KB

  • Sample

    230110-d18sbaeg4w

  • MD5

    790d065e1cbf9bfa45aba74afdb4a660

  • SHA1

    764878ddec582fc4d8ee48e09db03bdda17cde5e

  • SHA256

    acdb7a96617754bd48192b679466645840cc3600c78fff2931e827ce0e415b09

  • SHA512

    995c6db403195dc9fc5340932c13c56f3659006397c8cd201b331a6bda63a79e6642d0b9f9cc96b08813cf7a3b256395fd1ca28da3b5b6ce3596cd668a400ae0

  • SSDEEP

    6144:l+lvj2+a/MBntI+xu7fWbg7dBA0X31JY:l+piREntI+xu7+Cn1
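
To check a file or a threat-feed record against the hashes above, here is an added example that is not part of the sandbox report or of the tooling that produced it. REPORT_IOCS copies the four digests from the General section; the function names and the classification labels are my own. The point it makes that the list alone does not: a record is treated as this sample only when the SHA256 agrees, an MD5- or SHA1-only hit is flagged for verification, and a record whose digests contradict each other is flagged as feed damage rather than a match.

```python
import hashlib
from typing import Dict, Iterable, Set

# Digests copied from the General section of this report (one sample, four algorithms).
REPORT_IOCS: Dict[str, str] = {
    "md5": "790d065e1cbf9bfa45aba74afdb4a660",
    "sha1": "764878ddec582fc4d8ee48e09db03bdda17cde5e",
    "sha256": "acdb7a96617754bd48192b679466645840cc3600c78fff2931e827ce0e415b09",
    "sha512": "995c6db403195dc9fc5340932c13c56f3659006397c8cd201b331a6bda63a79e6642d0b9f9cc96b08813cf7a3b256395fd1ca28da3b5b6ce3596cd668a400ae0",
}
ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def hash_chunks(chunks: Iterable[bytes]) -> Dict[str, str]:
    """Feed the same chunks to all four hashers so a large file is read only once."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Digests of an in-memory blob (e.g. a dropped file pulled from a sandbox)."""
    return hash_chunks([data])


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Digests of a file on disk, read in 1 MiB chunks."""
    with open(path, "rb") as f:
        return hash_chunks(iter(lambda: f.read(chunk_size), b""))


def match_iocs(digests: Dict[str, str], iocs: Dict[str, str] = REPORT_IOCS) -> Set[str]:
    """Algorithms whose digest equals the report's value.
    Comparison is case-insensitive and whitespace-tolerant because feeds differ in casing."""
    return {alg for alg, expected in iocs.items()
            if digests.get(alg, "").strip().lower() == expected.strip().lower()}


def is_report_sample(digests: Dict[str, str], iocs: Dict[str, str] = REPORT_IOCS) -> bool:
    """Only a SHA256 match counts. MD5 and SHA1 are collision-prone, so an
    MD5-only hit from a feed is worth verifying, not worth acting on."""
    return "sha256" in match_iocs(digests, iocs)


def classify(digests: Dict[str, str], iocs: Dict[str, str] = REPORT_IOCS) -> str:
    """Labels (mine, hypothetical): 'match' when SHA256 agrees, 'partial' when only
    weaker digests agree, 'mismatch' when a supplied digest contradicts the report
    (including the impossible case of SHA256 agreeing while MD5 does not, which
    means the record was damaged in transit), 'unknown' when nothing overlaps."""
    hits = match_iocs(digests, iocs)
    compared = {alg for alg in iocs if digests.get(alg)}
    if not compared:
        return "unknown"
    if hits != compared:
        return "mismatch"
    return "match" if "sha256" in hits else "partial"


if __name__ == "__main__":
    # Constructed input: not the sample, just a blob to show the output shape.
    blob = b"not the SmokeLoader sample"
    digests = hash_bytes(blob)
    for alg in ALGORITHMS:
        print(f"{alg:6} {digests[alg]}")
    print("classification:", classify(digests))
```

Run it against a real file with hash_file(path) and feed the result to classify(); "partial" on a feed record is the cue to pull the file and compute the SHA256 yourself before acting on it.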

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Deletes itself

    • Reads user/profile data of web browsers

      Infostealers commonly target stored browser data, which can include saved credentials, cookies and session tokens, and autofill entries.

    • Accesses cryptocurrency files/wallets, possible credential harvesting
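
The "Downloads MZ/PE file" and "Executes dropped EXE" signatures fire when the sandbox recognises a Windows executable in content the sample fetched or wrote to disk. As an added example (my code, not the sandbox's own check), the following minimal parser applies that test: a DOS "MZ" stub whose e_lfanew field points at a "PE\0\0" signature that lies inside the buffer, followed by a complete IMAGE_FILE_HEADER, from which it reads the Machine field to tell x86 from x64. It also handles the two failure modes a download check meets most often, a truncated transfer and a server that returns an HTML error page instead of a binary. The build_minimal_pe helper constructs a synthetic input for the demonstration; it is not the sample from this report and is not loadable.

```python
import struct

# Machine values from IMAGE_FILE_HEADER (winnt.h): x86 and x64.
IMAGE_FILE_MACHINE_I386 = 0x014C
IMAGE_FILE_MACHINE_AMD64 = 0x8664
_E_LFANEW_OFFSET = 0x3C          # offset of e_lfanew in the 64-byte DOS header
_FILE_HEADER_FMT = "<HHIIIHH"    # IMAGE_FILE_HEADER: Machine, NumberOfSections, TimeDateStamp,
                                 # PointerToSymbolTable, NumberOfSymbols, SizeOfOptionalHeader,
                                 # Characteristics (20 bytes, little-endian)


def looks_like_pe(data: bytes) -> bool:
    """True when data has a DOS 'MZ' stub and e_lfanew points at a 'PE\\0\\0'
    signature plus a full IMAGE_FILE_HEADER inside the buffer. Truncated
    downloads and bogus e_lfanew values (pointing past the end) return False."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    e_lfanew = struct.unpack_from("<I", data, _E_LFANEW_OFFSET)[0]
    if e_lfanew + 4 + struct.calcsize(_FILE_HEADER_FMT) > len(data):
        return False
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"


def pe_machine(data: bytes) -> int:
    """IMAGE_FILE_HEADER.Machine (0x14c = x86, 0x8664 = x64); ValueError for non-PE input."""
    if not looks_like_pe(data):
        raise ValueError("not a PE image")
    e_lfanew = struct.unpack_from("<I", data, _E_LFANEW_OFFSET)[0]
    return struct.unpack_from("<H", data, e_lfanew + 4)[0]


def classify_download(data: bytes) -> str:
    """Label a downloaded blob (labels are mine): 'pe-x86', 'pe-x64', 'pe-other' or 'not-pe'."""
    if not looks_like_pe(data):
        return "not-pe"
    machine = pe_machine(data)
    return {IMAGE_FILE_MACHINE_I386: "pe-x86",
            IMAGE_FILE_MACHINE_AMD64: "pe-x64"}.get(machine, "pe-other")


def build_minimal_pe(machine: int = IMAGE_FILE_MACHINE_I386) -> bytes:
    """Constructed test input, not the sample from the report: a 64-byte DOS header
    whose e_lfanew points just past it, then 'PE\\0\\0' and a 20-byte IMAGE_FILE_HEADER
    (one section, 0xE0-byte optional header, EXECUTABLE_IMAGE | 32BIT_MACHINE).
    Enough for the magic checks above, not enough to load."""
    dos = bytearray(0x40)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, _E_LFANEW_OFFSET, 0x40)
    file_header = struct.pack(_FILE_HEADER_FMT, machine, 1, 0, 0, 0, 0xE0, 0x0102)
    return bytes(dos) + b"PE\0\0" + file_header


if __name__ == "__main__":
    samples = [
        ("synthetic x86 PE", build_minimal_pe()),
        ("synthetic x64 PE", build_minimal_pe(IMAGE_FILE_MACHINE_AMD64)),
        ("truncated download", build_minimal_pe()[:0x42]),
        ("HTML error page", b"<html><body>404</body></html>"),
    ]
    for label, blob in samples:
        print(f"{label:20} -> {classify_download(blob)}")
```

The same check is what you would run over every file a sandbox lists under dropped files or network downloads: a stage-two payload that arrives as a PE is worth hashing and submitting separately, while an HTML body saved with an .exe name usually means the download URL was already dead at detonation time.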

MITRE ATT&CK Enterprise v6

Tasks