General
-
Target
18110b7c5b9c2bfc406958bf96c89c4574e27da52f938ed9c24c03211b222548
-
Size
305KB
-
Sample
220521-zf3lfsdch6
-
MD5
03846f4628dc28b6d17720e9658e7b48
-
SHA1
b9254fc72be323c0aaaa4b43283ba06a2ae199ab
-
SHA256
18110b7c5b9c2bfc406958bf96c89c4574e27da52f938ed9c24c03211b222548
-
SHA512
28091f6038a9de347893a56c9f35773f5ce4aeb452a1230e1a1deb52c07fbc46c6ba92b9e85ee4685850995d01f424c4f5fa302e754083af6a85358f9c31472d
Malware Config
Extracted
smokeloader
2020
https://ny-city-mall.com/search.php
https://fresh-cars.net/search.php
Targets
-
-
Target
18110b7c5b9c2bfc406958bf96c89c4574e27da52f938ed9c24c03211b222548
-
Size
305KB
-
MD5
03846f4628dc28b6d17720e9658e7b48
-
SHA1
b9254fc72be323c0aaaa4b43283ba06a2ae199ab
-
SHA256
18110b7c5b9c2bfc406958bf96c89c4574e27da52f938ed9c24c03211b222548
-
SHA512
28091f6038a9de347893a56c9f35773f5ce4aeb452a1230e1a1deb52c07fbc46c6ba92b9e85ee4685850995d01f424c4f5fa302e754083af6a85358f9c31472d
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows dir Microsoft Windows DOS prompt command exit OUTBOUND
-
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
suricata: ET MALWARE Windows route Microsoft Windows DOS prompt command exit OUTBOUND
-
Modifies Windows Firewall
-
Deletes itself
-
Accesses Microsoft Outlook profiles
-