General
-
Target
ab66db0680bb17229bb5f58cce60819b_JaffaCakes118
-
Size
271KB
-
Sample
241128-hrgppavrbq
-
MD5
ab66db0680bb17229bb5f58cce60819b
-
SHA1
0475f981560b705b59842cf81475f07eac2b5b68
-
SHA256
a0039d484f3134cad7e173c2bee0e089982b881711d99e19d61229b4854e02a5
-
SHA512
38a7502e643772dd1d1f793a5ca9ddd39146dd836f328a7413bb61effe5ab6d5e68accbdc2df979186a58870bb9cf45afe75708ce0d00ef1a5288a85d8dd5e4c
-
SSDEEP
6144:MfcsNJUtMRTn4BLFr4Syqavvh3xQlmMopPzCHouWD1p8U:bsvUtMRj+LFr2vDIEtGHo3+
Malware Config
Extracted
smokeloader
0708
Targets
-
-
Target
ab66db0680bb17229bb5f58cce60819b_JaffaCakes118
-
Size
271KB
-
MD5
ab66db0680bb17229bb5f58cce60819b
-
SHA1
0475f981560b705b59842cf81475f07eac2b5b68
-
SHA256
a0039d484f3134cad7e173c2bee0e089982b881711d99e19d61229b4854e02a5
-
SHA512
38a7502e643772dd1d1f793a5ca9ddd39146dd836f328a7413bb61effe5ab6d5e68accbdc2df979186a58870bb9cf45afe75708ce0d00ef1a5288a85d8dd5e4c
-
SSDEEP
6144:MfcsNJUtMRTn4BLFr4Syqavvh3xQlmMopPzCHouWD1p8U:bsvUtMRj+LFr2vDIEtGHo3+
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Smokeloader family
-
Suspicious use of SetThreadContext
-