Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    348f6734e53f25e6b3f4e66dec24c4e971d7c038192f563cab41d6303a2fcac4

  • Size

    341KB

  • Sample

    230125-mmjqpsfg35

  • MD5

    eabca0bea7a7da07ea16ce6b3af25752

  • SHA1

    c01354add056d8a8b2913475ccbdfb597eed349e

  • SHA256

    348f6734e53f25e6b3f4e66dec24c4e971d7c038192f563cab41d6303a2fcac4

  • SHA512

    c2f8dad40e62f6b7bedbf5c21ba51e8a68075b49b3a96458de430287f5e9ba1c06a246328ac29d13a1c618d13470ebe9ad1592b356e3181d37a760e5e7360d39

  • SSDEEP

    6144:tLmleO5dOLt8RF8aloOjq7VWRFBMolz90gXSWITm:taljCLt8jXE7VWR5lzVCG

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Targets

    • Target

      348f6734e53f25e6b3f4e66dec24c4e971d7c038192f563cab41d6303a2fcac4

    • Size

      341KB

    • MD5

      eabca0bea7a7da07ea16ce6b3af25752

    • SHA1

      c01354add056d8a8b2913475ccbdfb597eed349e

    • SHA256

      348f6734e53f25e6b3f4e66dec24c4e971d7c038192f563cab41d6303a2fcac4

    • SHA512

      c2f8dad40e62f6b7bedbf5c21ba51e8a68075b49b3a96458de430287f5e9ba1c06a246328ac29d13a1c618d13470ebe9ad1592b356e3181d37a760e5e7360d39

    • SSDEEP

      6144:tLmleO5dOLt8RF8aloOjq7VWRFBMolz90gXSWITm:taljCLt8jXE7VWR5lzVCG

    Score
    10/10
    smokeloaderbackdoortrojan

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Deletes itself

    behavioral1

MITRE ATT&CK Matrix

Collection

    Command and Control

      Credential Access

        Defense Evasion

          Discovery

          Execution

            Exfiltration

              Impact

                Initial Access

                  Lateral Movement

                    Persistence

                      Privilege Escalation

                        Tasks