General
-
Target
f510c3bc0a75d067fb42fb971af11cb3b95d97ec9954756b28d8e3da252ab5da
-
Size
313KB
-
Sample
211201-rewgracgcl
-
MD5
5e377fa55b62c17707e8be011237839b
-
SHA1
69912a46c7d24165c7a2d871268204f555fb4b1e
-
SHA256
f510c3bc0a75d067fb42fb971af11cb3b95d97ec9954756b28d8e3da252ab5da
-
SHA512
22d103fbc4ace354a947f76245a85842031fd0bdaf13099174cf4495de17247960f0dd9c3a2adc85254d68f0332b6b4457d706b6e5c7442ae5bde7aa4d704267
Malware Config
Extracted
smokeloader
2020
https://cinems.club/search.php
https://clothes.surf/search.php
Targets
-
-
Target
f510c3bc0a75d067fb42fb971af11cb3b95d97ec9954756b28d8e3da252ab5da
-
Size
313KB
-
MD5
5e377fa55b62c17707e8be011237839b
-
SHA1
69912a46c7d24165c7a2d871268204f555fb4b1e
-
SHA256
f510c3bc0a75d067fb42fb971af11cb3b95d97ec9954756b28d8e3da252ab5da
-
SHA512
22d103fbc4ace354a947f76245a85842031fd0bdaf13099174cf4495de17247960f0dd9c3a2adc85254d68f0332b6b4457d706b6e5c7442ae5bde7aa4d704267
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Modifies Windows Firewall
-
Deletes itself
-
Accesses Microsoft Outlook profiles
-