General
-
Target
f47777f008e5396d338bfc50dd17851ec40ee342c98d052e410344316b8037fb
-
Size
280KB
-
Sample
221005-pnrttaece4
-
MD5
5f666a8f26c55a77013ed3a8b5da8ba6
-
SHA1
c82c69bda38d09ae7fb1796b07b43cb4be146226
-
SHA256
f47777f008e5396d338bfc50dd17851ec40ee342c98d052e410344316b8037fb
-
SHA512
751a35528c0b95db28579b8c6b7eb769a9ec337cea0c1b86f2ce2a45e39cf252f7016dec346a41de8931e193fb360eabd0bbda381fd1a5cf18dad2a4337ee99d
-
SSDEEP
6144:sfmkqFLsjT59YLImulrk3YXRRYZ0aI/QvuzbgwuqrVwVfU:sfhqFgjTULHulr4YBVpKunnr
Malware Config
Targets
-
-
Target
f47777f008e5396d338bfc50dd17851ec40ee342c98d052e410344316b8037fb
-
Size
280KB
-
MD5
5f666a8f26c55a77013ed3a8b5da8ba6
-
SHA1
c82c69bda38d09ae7fb1796b07b43cb4be146226
-
SHA256
f47777f008e5396d338bfc50dd17851ec40ee342c98d052e410344316b8037fb
-
SHA512
751a35528c0b95db28579b8c6b7eb769a9ec337cea0c1b86f2ce2a45e39cf252f7016dec346a41de8931e193fb360eabd0bbda381fd1a5cf18dad2a4337ee99d
-
SSDEEP
6144:sfmkqFLsjT59YLImulrk3YXRRYZ0aI/QvuzbgwuqrVwVfU:sfhqFgjTULHulr4YBVpKunnr
Score10/10-
Detects Smokeloader packer
-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses cryptocurrency files/wallets, possible credential harvesting
-
Legitimate hosting services abused for malware hosting/C2
-