Overview

overview

10

Static

static

1

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c0963c6bcc7e76b68c50177807d843dcb43aa58b2ad67bb8d7d3689f4ee00143

  • Size

    248KB

  • Sample

    230329-sb8hksgg57

  • MD5

    61f9a1d18a0c61a1c2cb999c8b27f62e

  • SHA1

    a18eb6ea843f780cd364844e553a6d7eba573ccb

  • SHA256

    c0963c6bcc7e76b68c50177807d843dcb43aa58b2ad67bb8d7d3689f4ee00143

  • SHA512

    3e6cc267f773b69d2427c1b743cb994ac954162a999b303af0d6ee50d03f8341d8b36bcec57cf1e36529c98cbe90269de40c4bf0ad72a59705107637a457a27d

  • SSDEEP

    3072:z3PSzkpQ0Y8XPD193LBWwl6Of1p1QRrllZZx2IurU/r0Ewt483Zph:GzkKuPD1JLBn6ONpgPxuG0E+3

Score
10/10
smokeloaderlabbackdoortrojan

Malware Config

Extracted

Family

smokeloader

Botnet

lab

Extracted

Family

smokeloader

Version

2020

C2

http://host-file-host6.com/

http://host-host-file8.com/
rc4.i32
rc4.i32

Targets

    • Target

      c0963c6bcc7e76b68c50177807d843dcb43aa58b2ad67bb8d7d3689f4ee00143

    • Size

      248KB

    • MD5

      61f9a1d18a0c61a1c2cb999c8b27f62e

    • SHA1

      a18eb6ea843f780cd364844e553a6d7eba573ccb

    • SHA256

      c0963c6bcc7e76b68c50177807d843dcb43aa58b2ad67bb8d7d3689f4ee00143

    • SHA512

      3e6cc267f773b69d2427c1b743cb994ac954162a999b303af0d6ee50d03f8341d8b36bcec57cf1e36529c98cbe90269de40c4bf0ad72a59705107637a457a27d

    • SSDEEP

      3072:z3PSzkpQ0Y8XPD193LBWwl6Of1p1QRrllZZx2IurU/r0Ewt483Zph:GzkKuPD1JLBn6ONpgPxuG0E+3

    Score
    10/10
    smokeloaderlabbackdoortrojan
    behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks