General
-
Target
2a557bd351d84f14848ac420bd7b30cd_JaffaCakes118
-
Size
4.6MB
-
Sample
240329-xsjm1aff3t
-
MD5
2a557bd351d84f14848ac420bd7b30cd
-
SHA1
e72f5561b02a6072c087ce20b10ac65b5f686b70
-
SHA256
cc8a57c09d862989b836cb500174db44118db4f0ef14d4b102b52f5949d172be
-
SHA512
e479f7be3e4dce813d478dcdbefe17e28a4fe87f5449d4a458a2a683ec8d8f97efb3be3e94c7a4fa91f150b39b28e2c9cdcff9090b3a864c7bb8d8f9dec4e79c
-
SSDEEP
98304:RLWA+M+SdtXTNO1zkcFRgUENaH5+sVDWIq05yJzPVKyS2xz:iMlXROh56cH0cDWI1gTS2
Malware Config
Extracted
smokeloader
2020
http://gfdjgdfjgdhfbg.space/
http://gfhjdsghdfjg23.space/
http://gdfjgdfh4543nf.space/
http://fgdjgsdfghj4fds.space/
http://fgdgdjfgfdgdf.space/
http://fsdhjfsdhfsd.space/
http://fgdsjghdfghjdfhgd.space/
http://ryuesrseyth3.space/
http://fdsjkuhreyu4.space/
http://fdgjdfgehr4.space/
http://fgdgjhdfgdfjgd.space/
Targets
-
-
Target
2a557bd351d84f14848ac420bd7b30cd_JaffaCakes118
-
Size
4.6MB
-
MD5
2a557bd351d84f14848ac420bd7b30cd
-
SHA1
e72f5561b02a6072c087ce20b10ac65b5f686b70
-
SHA256
cc8a57c09d862989b836cb500174db44118db4f0ef14d4b102b52f5949d172be
-
SHA512
e479f7be3e4dce813d478dcdbefe17e28a4fe87f5449d4a458a2a683ec8d8f97efb3be3e94c7a4fa91f150b39b28e2c9cdcff9090b3a864c7bb8d8f9dec4e79c
-
SSDEEP
98304:RLWA+M+SdtXTNO1zkcFRgUENaH5+sVDWIq05yJzPVKyS2xz:iMlXROh56cH0cDWI1gTS2
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Suspicious use of SetThreadContext
-