General

  • Target

    bc4df2381fc98d6f1aef8e6ba30bbdc5330d6a73348cad9db2c4943f1555d0a8

  • Size

    278KB

  • Sample

    230110-yfwmgahc84

  • MD5

    3a83057b6c2b478b3f5f5b73f82c124e

  • SHA1

    409bbaeb746688839bc8ea75bac5d5ae50e29816

  • SHA256

    bc4df2381fc98d6f1aef8e6ba30bbdc5330d6a73348cad9db2c4943f1555d0a8

  • SHA512

    d1cc4deb3b3592c2882385e55a34c25bb18cc9e5c65361c08dabf5b6a99787ca9eb7cbc2e5bd968b77776026a92ece63929221e30fa0e5034b56172f547af026

  • SSDEEP

    3072:mXEZFhmzRK4p7LdmTHNSJsNo5scoSj35dftR8WjYYVu9PDhism2m4FwCpjKpEAH7:OTzRZLyHNEsNx+DR8W0XPDHmnEmQLr

Malware Config

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials and other sensitive information.

    • Accesses cryptocurrency files/wallets, possible credential harvesting

MITRE ATT&CK Enterprise v6

Tasks