General
-
Target
865b3db67f0565e0b41e72aa036d78183c33dab95bd4be7b4f13aebda88ab0c0.exe
-
Size
195KB
-
Sample
230630-pk2vlsbh61
-
MD5
5a78962af28ad4733562fbbe0b73c8ae
-
SHA1
35fcf2c3ef89eb96dd3923a091d7a1404b600630
-
SHA256
865b3db67f0565e0b41e72aa036d78183c33dab95bd4be7b4f13aebda88ab0c0
-
SHA512
31aa2dcccd58051f60bbf367f7290f4d4b7505f8f5f6616d9bf576b54645422af0717960ef55f61c66d003f422375d3613a684e419843c7a1941f1e17a968264
-
SSDEEP
3072:lXZqhGLcCLZycXSVx5P7C5/uEfvAo0Eri0W+GYcqUkZh6t2:hkCLlSVS5/uqUEmfXu768
Malware Config
Extracted
smokeloader
lab
Extracted
smokeloader
2020
http://host-file-host6.com/
http://host-host-file8.com/
Targets
-
-
Target
865b3db67f0565e0b41e72aa036d78183c33dab95bd4be7b4f13aebda88ab0c0.exe
-
Size
195KB
-
MD5
5a78962af28ad4733562fbbe0b73c8ae
-
SHA1
35fcf2c3ef89eb96dd3923a091d7a1404b600630
-
SHA256
865b3db67f0565e0b41e72aa036d78183c33dab95bd4be7b4f13aebda88ab0c0
-
SHA512
31aa2dcccd58051f60bbf367f7290f4d4b7505f8f5f6616d9bf576b54645422af0717960ef55f61c66d003f422375d3613a684e419843c7a1941f1e17a968264
-
SSDEEP
3072:lXZqhGLcCLZycXSVx5P7C5/uEfvAo0Eri0W+GYcqUkZh6t2:hkCLlSVS5/uqUEmfXu768
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Suspicious use of SetThreadContext
-