General
-
Target
4c5068ae1dc37622834d2e84dd827040d0aeed3aac17560bf731ec79f5793037
-
Size
269KB
-
Sample
230328-lqfmsaca2t
-
MD5
74db21999e569840b49b51d5bd28bc7f
-
SHA1
2a50cb2b7a96d75177a0d064254e57d5f0f0ce7b
-
SHA256
4c5068ae1dc37622834d2e84dd827040d0aeed3aac17560bf731ec79f5793037
-
SHA512
05cae2f2532911c4a1252b4f2363d322e5f97567c407464e350d93f6cdec1d9c86a775608ac53587b737a098cee04bec3f1047b2dba9fae77737b66d592541e7
-
SSDEEP
3072:2rRDQ9fQD0uqhKFeP+XS/sG8XrHCk3fUCnlb6iY0mDyLYSPfjmyhyolmSZ:wWQfkKW/s3S/oYi
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
4c5068ae1dc37622834d2e84dd827040d0aeed3aac17560bf731ec79f5793037
-
Size
269KB
-
MD5
74db21999e569840b49b51d5bd28bc7f
-
SHA1
2a50cb2b7a96d75177a0d064254e57d5f0f0ce7b
-
SHA256
4c5068ae1dc37622834d2e84dd827040d0aeed3aac17560bf731ec79f5793037
-
SHA512
05cae2f2532911c4a1252b4f2363d322e5f97567c407464e350d93f6cdec1d9c86a775608ac53587b737a098cee04bec3f1047b2dba9fae77737b66d592541e7
-
SSDEEP
3072:2rRDQ9fQD0uqhKFeP+XS/sG8XrHCk3fUCnlb6iY0mDyLYSPfjmyhyolmSZ:wWQfkKW/s3S/oYi
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Suspicious use of SetThreadContext
-