General

  • Target

    3afc93a38d805b014502c8aab7c12945e3469b63a79e2bfea7101cc011b578b2

  • Size

    212KB

  • Sample

    230309-cv4qqsab95

  • MD5

    776334c0e8b22c29f2d22b5f11b0af77

  • SHA1

    e6565024701a3768a6d3bedfc48fa8d5b3d6c0dd

  • SHA256

    3afc93a38d805b014502c8aab7c12945e3469b63a79e2bfea7101cc011b578b2

  • SHA512

    8ee51e32f131a35f0dfaed2b2a62f05721e08a057316bbca21df0529eec8ba1066c2c1da0a52f13cdf61da1c6979998e3c866efb0f531506d0767bc9c37ed490

  • SSDEEP

    3072:mZXkaon+lS7IhK6HBF+UeoVanoANOF8Z5KNXAbQmi:2o+lSfPDoANY8ZW8QN

Malware Config

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32

Targets

    • Detects Smokeloader packer

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

    • Downloads MZ/PE file

    • Executes dropped EXE

    • Adds Run key to start application
