General
-
Target
256340cafa360c86852d0f2b648e85a9e0957a66f58c0bc572f6b7482bb75135
-
Size
304KB
-
Sample
220521-tgbw8saae5
-
MD5
cfbe64a303fb6e0000c7859bfb13a1a2
-
SHA1
a6b85217a3bd9ef76f1235a9ab92384b96b7fede
-
SHA256
256340cafa360c86852d0f2b648e85a9e0957a66f58c0bc572f6b7482bb75135
-
SHA512
c411656d43d9b709db77c153da224e2930d26200dc081082d0a4beb0be23b6e63c9e747ec3d650cd670f72c08d79ba40d49c9091344e305a01657916109284b1
Malware Config
Extracted
smokeloader
2020
https://ny-city-mall.com/search.php
https://fresh-cars.net/search.php
Targets
-
-
Target
256340cafa360c86852d0f2b648e85a9e0957a66f58c0bc572f6b7482bb75135
-
Size
304KB
-
MD5
cfbe64a303fb6e0000c7859bfb13a1a2
-
SHA1
a6b85217a3bd9ef76f1235a9ab92384b96b7fede
-
SHA256
256340cafa360c86852d0f2b648e85a9e0957a66f58c0bc572f6b7482bb75135
-
SHA512
c411656d43d9b709db77c153da224e2930d26200dc081082d0a4beb0be23b6e63c9e747ec3d650cd670f72c08d79ba40d49c9091344e305a01657916109284b1
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Modifies Windows Firewall
-
Deletes itself
-
Accesses Microsoft Outlook profiles
-