Overview

overview

10

Static

static

6rcjq.exe

windows7_x64

10

6rcjq.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6rcjq.zip

  • Size

    132KB

  • Sample

    210425-184aq6c74e

  • MD5

    7f935d86064652f42176a335048d80de

  • SHA1

    b3c3141554300c9a8e6ed7cdaf8f9c40e5e9e37f

  • SHA256

    e4314d39059494b37391cc2c5961dd7e2d6081c7d7f5c73353efe82b8be0e891

  • SHA512

    1fcb2c10548075c899a63bf828afc54e33489d73198fccb6197b45a126d8ad73522cf74e54890366387a9aafe3bac9834529267dbb5058480cdf1a5c86768933

Score
10/10
smokeloaderbackdoortrojan

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

http://etasuklavish.today/

http://mragyzmachnobesdi.today/

http://kimchinikuzims.today/

http://slacvostinrius.today/

http://straponuliusyn.today/

http://grammmdinss.today/

http://viprasputinsd.chimkent.su/

http://lupadypa.dagestan.su/

http://stoknolimchin.exnet.su/

http://musaroprovadnikov.live/

http://teemforyourexprensiti.life/

http://stolkgolmishutich.termez.su/

http://roompampamgandish.wtf/
rc4.i32
rc4.i32

Targets

    • Target

      6rcjq.exe

    • Size

      242KB

    • MD5

      4aa514510f9cc24b7f8650b617da544a

    • SHA1

      078b3c285e818ca84a5e9af30a19689afe279021

    • SHA256

      18466d7e2545bef750090d3a7b8359caa7fe950e1ba0cc7e5c26337f184a2868

    • SHA512

      34bd11a1fcc17a679e4bbd410de2f99d1985436055e8604e863cb1b5eb578fdd18ce429db8b6c15244e3abc2d90f5492d6cbf23dbc28f9033ff20f99de486ba8

    Score
    10/10
    smokeloaderbackdoortrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks