General
-
Target
https://appwebhotbest.info/2YYzrvHL?external_id=3434ogk2cddib
-
Sample
210226-kreyrehxwn
Score
10/10
Malware Config
Extracted
Family
smokeloader
Version
2020
C2
http://etasuklavish.today/
http://mragyzmachnobesdi.today/
http://kimchinikuzims.today/
http://slacvostinrius.today/
http://straponuliusyn.today/
http://grammmdinss.today/
http://viprasputinsd.chimkent.su/
http://lupadypa.dagestan.su/
http://stoknolimchin.exnet.su/
http://musaroprovadnikov.live/
http://teemforyourexprensiti.life/
http://stolkgolmishutich.termez.su/
http://roompampamgandish.wtf/
rc4.i32
rc4.i32
Targets
-
-
Target
https://appwebhotbest.info/2YYzrvHL?external_id=3434ogk2cddib
Score10/10-
SmokeLoader
Modular backdoor trojan in use since 2014.
-
Executes dropped EXE
-
Loads dropped DLL
-