General
-
Target
5384e46cc252164fc0e86388e89b54d61ffb89c239aaec404005a1a0cfd4b931
-
Size
319KB
-
Sample
211203-pklhmageaq
-
MD5
eb7b5f906ecf73484d83886cf779a254
-
SHA1
dd323ccbab09005e4fd7e85d61a4f4296c0acb6e
-
SHA256
5384e46cc252164fc0e86388e89b54d61ffb89c239aaec404005a1a0cfd4b931
-
SHA512
5e136faaa654575fc9beecf1315fd72c010e3ca6fb361d5aa38ffde6b4baa3122b3f54a7afb4548fb0b14bec7540b6fedcac5299013d1a24a352407d013e3525
Malware Config
Extracted
smokeloader
2020
https://cinems.club/search.php
https://clothes.surf/search.php
Targets
-
-
Target
5384e46cc252164fc0e86388e89b54d61ffb89c239aaec404005a1a0cfd4b931
-
Size
319KB
-
MD5
eb7b5f906ecf73484d83886cf779a254
-
SHA1
dd323ccbab09005e4fd7e85d61a4f4296c0acb6e
-
SHA256
5384e46cc252164fc0e86388e89b54d61ffb89c239aaec404005a1a0cfd4b931
-
SHA512
5e136faaa654575fc9beecf1315fd72c010e3ca6fb361d5aa38ffde6b4baa3122b3f54a7afb4548fb0b14bec7540b6fedcac5299013d1a24a352407d013e3525
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Modifies Windows Firewall
-
Deletes itself
-
Accesses Microsoft Outlook profiles
-