General
-
Target
77c71e8c9a49cda6f2427061865662e939a0aad3eee7429a0faff00005428628
-
Size
303KB
-
Sample
220521-gxx37aadh3
-
MD5
4a4b2cd542d544ecdff2413a506a4878
-
SHA1
f5a43fe3ddec82040a6508afa85626dcbbe0405e
-
SHA256
77c71e8c9a49cda6f2427061865662e939a0aad3eee7429a0faff00005428628
-
SHA512
456e9b18222bfa378dcb1654dc56da22f75bb81b48563af0fd5db10bc3685c1ac2923bf2660009ea453cf726087477760f8187f67ef54ae95516ebfc71836489
Malware Config
Extracted
smokeloader
2020
https://ny-city-mall.com/search.php
https://fresh-cars.net/search.php
Targets
-
-
Target
77c71e8c9a49cda6f2427061865662e939a0aad3eee7429a0faff00005428628
-
Size
303KB
-
MD5
4a4b2cd542d544ecdff2413a506a4878
-
SHA1
f5a43fe3ddec82040a6508afa85626dcbbe0405e
-
SHA256
77c71e8c9a49cda6f2427061865662e939a0aad3eee7429a0faff00005428628
-
SHA512
456e9b18222bfa378dcb1654dc56da22f75bb81b48563af0fd5db10bc3685c1ac2923bf2660009ea453cf726087477760f8187f67ef54ae95516ebfc71836489
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Modifies Windows Firewall
-