General
-
Target
c970962d9f99a8b0c7bb542d77fa7353379a0c576a4948f46c16039731944896
-
Size
313KB
-
Sample
211201-t3699sdhap
-
MD5
1df18eee77b7bdb425fa8079112ac215
-
SHA1
22e2b8857247c1d90c8b2d8c4abe45f17b552270
-
SHA256
c970962d9f99a8b0c7bb542d77fa7353379a0c576a4948f46c16039731944896
-
SHA512
a1e81b2acb729ba53007c65bf6949453034d44a573be7d18c6371886cb8c8626b2ef75f6ac401b0cf2b816d211f87d16440fe6d1e6873c344ddf6ca1e8089dbe
Malware Config
Extracted
smokeloader
2020
https://cinems.club/search.php
https://clothes.surf/search.php
Targets
-
-
Target
c970962d9f99a8b0c7bb542d77fa7353379a0c576a4948f46c16039731944896
-
Size
313KB
-
MD5
1df18eee77b7bdb425fa8079112ac215
-
SHA1
22e2b8857247c1d90c8b2d8c4abe45f17b552270
-
SHA256
c970962d9f99a8b0c7bb542d77fa7353379a0c576a4948f46c16039731944896
-
SHA512
a1e81b2acb729ba53007c65bf6949453034d44a573be7d18c6371886cb8c8626b2ef75f6ac401b0cf2b816d211f87d16440fe6d1e6873c344ddf6ca1e8089dbe
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Modifies Windows Firewall
-
Deletes itself
-
Accesses Microsoft Outlook profiles
-