General
-
Target
file.exe
-
Size
219KB
-
Sample
240524-qrs2qaff8z
-
MD5
503e59094f106fd25a0a6193d7556cdc
-
SHA1
f255f91c7d8fc94e4ec265b9ae5d2752c66b8fa2
-
SHA256
71480fc81a1e0eb85d94e08b31fa257204200371c01fbc3cbf7c45a622e66da3
-
SHA512
99d73876925ad80afbdecb675b911a4043e146fa4a5370444467cf3532d228d702131c4e0d57be897e08adb42b20a4e8d3069274a14a4c2ae1035e0ef54c80fa
-
SSDEEP
3072:Wu5cM9Mh1cHctcQI041+TBhLyRd5rZmSUZ1ivIRFC2sx++cQN/pLpay:CM9bscR00+85rZfUDivIzy+BCh
Malware Config
Extracted
smokeloader
pub1
Extracted
smokeloader
2022
http://trad-einmyus.com/index.php
http://tradein-myus.com/index.php
http://trade-inmyus.com/index.php
Targets
-
-
Target
file.exe
-
Size
219KB
-
MD5
503e59094f106fd25a0a6193d7556cdc
-
SHA1
f255f91c7d8fc94e4ec265b9ae5d2752c66b8fa2
-
SHA256
71480fc81a1e0eb85d94e08b31fa257204200371c01fbc3cbf7c45a622e66da3
-
SHA512
99d73876925ad80afbdecb675b911a4043e146fa4a5370444467cf3532d228d702131c4e0d57be897e08adb42b20a4e8d3069274a14a4c2ae1035e0ef54c80fa
-
SSDEEP
3072:Wu5cM9Mh1cHctcQI041+TBhLyRd5rZmSUZ1ivIRFC2sx++cQN/pLpay:CM9bscR00+85rZfUDivIzy+BCh
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Modifies Installed Components in the registry
-
Deletes itself
-