Overview

overview

10

Static

static

3

dridex

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    f991e808ed44c731fea1758fd6a275ec4e3ee66a5a691dbf1f9414a5faa144a1

  • Size

    497KB

  • Sample

    230801-xr2r7abg7y

  • MD5

    f06f0f0288cdc3abca062037eed25964

  • SHA1

    0b13302622c80b36385bedce93b999081ed20d87

  • SHA256

    f991e808ed44c731fea1758fd6a275ec4e3ee66a5a691dbf1f9414a5faa144a1

  • SHA512

    d40993a93ad0a92570a80f96d33d55f8a44157a5a0a8bf83f1044394c5eface950c5be763b331e50dbc121890b70ab2bc72ca29096601d1c2952f242c8c44394

  • SSDEEP

    12288:OnDOS1B4EjNHiBWOB3o5GzxUiuJZHOifD:ODOojNHi0Mo5GzCTJM

Score
10/10
amadeysmokeloaderpub5backdoortrojan

Malware Config

Extracted

Family

amadey

Version

3.83

C2

45.9.74.80/0bjdn2Z/index.php

Extracted

Family

smokeloader

Botnet

pub5

Extracted

Family

smokeloader

Version

2022

C2

http://greenbi.net/tmp/

http://speakdyn.com/tmp/

http://pik96.ru/tmp/
rc4.i32
rc4.i32

Targets

    • Target

      f991e808ed44c731fea1758fd6a275ec4e3ee66a5a691dbf1f9414a5faa144a1

    • Size

      497KB

    • MD5

      f06f0f0288cdc3abca062037eed25964

    • SHA1

      0b13302622c80b36385bedce93b999081ed20d87

    • SHA256

      f991e808ed44c731fea1758fd6a275ec4e3ee66a5a691dbf1f9414a5faa144a1

    • SHA512

      d40993a93ad0a92570a80f96d33d55f8a44157a5a0a8bf83f1044394c5eface950c5be763b331e50dbc121890b70ab2bc72ca29096601d1c2952f242c8c44394

    • SSDEEP

      12288:OnDOS1B4EjNHiBWOB3o5GzxUiuJZHOifD:ODOojNHi0Mo5GzCTJM

    Score
    10/10
    amadeysmokeloaderpub5backdoortrojan

    • Amadey

      Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

      trojanamadey

    • SmokeLoader

      Modular backdoor trojan in use since 2014.

      trojanbackdoorsmokeloader

    • Executes dropped EXE

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks