General
-
Target
215e9bd05e8bf4be652e326abd3b401e_JaffaCakes118
-
Size
337KB
-
Sample
240329-n4mdlagb41
-
MD5
215e9bd05e8bf4be652e326abd3b401e
-
SHA1
7354d6ef1c829b56d5f563c6b77f0992a004e9f6
-
SHA256
41d705b23aa424d075a17f9c5490d46cec5803dd13ac35c4cc1b66175bea1b77
-
SHA512
5ce3cae6dd75c950abe3d5a7c4eea901f25d3a4dfaaf13f05dc736216f7f4a8d20b98853a3a0575782531f1f53631e61fb14330207e9cd9ce4fc8984f633bdfb
-
SSDEEP
6144:jkw5RzflQBKmeMRVfmrjxiUpsaPx4x1SvntcxE7h:5ROEnofmrjxiUlPo1SvntM4
Malware Config
Extracted
smokeloader
pub3
Extracted
smokeloader
2020
http://gmpeople.com/upload/
http://mile48.com/upload/
http://lecanardstsornin.com/upload/
http://m3600.com/upload/
http://camasirx.com/upload/
Targets
-
-
Target
215e9bd05e8bf4be652e326abd3b401e_JaffaCakes118
-
Size
337KB
-
MD5
215e9bd05e8bf4be652e326abd3b401e
-
SHA1
7354d6ef1c829b56d5f563c6b77f0992a004e9f6
-
SHA256
41d705b23aa424d075a17f9c5490d46cec5803dd13ac35c4cc1b66175bea1b77
-
SHA512
5ce3cae6dd75c950abe3d5a7c4eea901f25d3a4dfaaf13f05dc736216f7f4a8d20b98853a3a0575782531f1f53631e61fb14330207e9cd9ce4fc8984f633bdfb
-
SSDEEP
6144:jkw5RzflQBKmeMRVfmrjxiUpsaPx4x1SvntcxE7h:5ROEnofmrjxiUlPo1SvntM4
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Deletes itself
-