SmokeLoader2
SmokeLoader modular loader. autoruns.exe Sysinternals imitation. C2rj$ c2VIz c2 substrings. GetTickCount64. Active since 2014.
Threat Profile
Type: Loader
Programming Language: C
C2 Protocol: HTTP/TCP
First Seen: 2011
Targets: Global
Purpose / Capabilities
- Payload Loader
No C2 servers have been identified for this family yet.
Research Reports (2)
SmokeLoader -- autoruns.exe Sysinternals Disguise, C2rj$ C2v]/ c2VIz c2sel Four C2 Substrings | High
SmokeLoader 520KB autoruns.exe, disguised as Sysinternals Autoruns. C2rj$ C2v]/ c2VIz c2+sel, four C2 substrings. GetTickCount64 IsDebuggerPresent.
SmokeLoader -- autoruns.exe Sysinternals Forgery, Spaso Developer PDB C:\Users\Spaso | High
SmokeLoader 520KB autoruns.exe in the guise of Sysinternals Autoruns. C:\Users\Spaso stub.pdb, Serbian developer name.