SmokeLoader2

SmokeLoader modular loader. autoruns.exe Sysinternals imitation. C2rj$ c2VIz c2 substrings. GetTickCount64. Active since 2014.

Threat Profile
Type: Loader
Programming Language: C
C2 Protocol: HTTP/TCP
First Seen: 2011
Targets: Global
Purpose / Capabilities
  • Payload Loader
No C2 servers have been identified for this family yet.

Research Reports (2)

High

SmokeLoader -- autoruns.exe Sysinternals Disguise, C2rj$ C2v]/ c2VIz c2sel Four C2 Substrings | High

SmokeLoader 520KB autoruns.exe disguised as Sysinternals Autoruns. Four C2 substrings: C2rj$ C2v]/ c2VIz c2+sel. GetTickCount64 IsDebuggerPresent.

High

SmokeLoader -- autoruns.exe Sysinternals Impersonation, Spaso Developer PDB C:\Users\Spaso | High

SmokeLoader 520KB autoruns.exe in the guise of Sysinternals Autoruns. C:\Users\Spaso stub.pdb, Serbian developer name.
