General
-
Target
f28c6da69dd8db2f3da86bbb6c18e7b6_JaffaCakes118
-
Size
311KB
-
Sample
240416-dnptnsga25
-
MD5
f28c6da69dd8db2f3da86bbb6c18e7b6
-
SHA1
900799d06a0a23c305fe9b6b1f67df43ead6132c
-
SHA256
29e3bef6789ae94f2a2117b7ed537b4914b35aedf94b44c266c3b4855fe1215e
-
SHA512
e47abd096400a56963e0751b00210ea16e27cbdbe2388eb524430bff1c2b03fc77cf921050e7bc2c9337480aa9ec621d47de521c8fc82a9564e8cbfea814570a
-
SSDEEP
6144:Qf2O2J40siLvPWUO1ltzNgvRdnCpFvsVi0aZ1BntOU1:QkxsizWR1DNg5cpF70aZ1X
Malware Config
Extracted
smokeloader
pub5
Extracted
smokeloader
2020
http://directorycart.com/upload/
http://tierzahnarzt.at/upload/
http://streetofcards.com/upload/
http://ycdfzd.com/upload/
http://successcoachceo.com/upload/
http://uhvu.cn/upload/
http://japanarticle.com/upload/
Targets
-
-
Target
f28c6da69dd8db2f3da86bbb6c18e7b6_JaffaCakes118
-
Size
311KB
-
MD5
f28c6da69dd8db2f3da86bbb6c18e7b6
-
SHA1
900799d06a0a23c305fe9b6b1f67df43ead6132c
-
SHA256
29e3bef6789ae94f2a2117b7ed537b4914b35aedf94b44c266c3b4855fe1215e
-
SHA512
e47abd096400a56963e0751b00210ea16e27cbdbe2388eb524430bff1c2b03fc77cf921050e7bc2c9337480aa9ec621d47de521c8fc82a9564e8cbfea814570a
-
SSDEEP
6144:Qf2O2J40siLvPWUO1ltzNgvRdnCpFvsVi0aZ1BntOU1:QkxsizWR1DNg5cpF70aZ1X
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Deletes itself
-
Executes dropped EXE
-