General

  • Target

    nmode.exe

  • Size

    212KB

  • Sample

    210428-bmas6sd2xj

  • MD5

    c178795733e8a84f750aff12e49ca3ef

  • SHA1

    af9e5de54778ef903c892f4d0f46e39b7b07c417

  • SHA256

    d73e37b3ed710e4128e3c76e2f0fd61dbb2fdcddfd8cfa51ffe244fa19433bb2

  • SHA512

    394ad2545f72df2cebcb707cd94fa133464dd199aad1e5f2c105629d3f40f4f92568353f4d7ded4d745a061e82ec9d9dc2e6b9b37ace6a5e21395ee6ea315f34

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

http://smbproperty.ru/

http://gmbshop.ru/

http://baksproperty.gov.ug/

http://magistralpsw.ru/

http://mpmanagertzz.ru/

http://powerglasspot.ru/

http://autopartswarehouses.ru/

http://memoloves.ru/

http://alfavanilin.ru/

rc4.i32
rc4.i32

Targets

    • Target

      nmode.exe

    • Size

      212KB

    • MD5

      c178795733e8a84f750aff12e49ca3ef

    • SHA1

      af9e5de54778ef903c892f4d0f46e39b7b07c417

    • SHA256

      d73e37b3ed710e4128e3c76e2f0fd61dbb2fdcddfd8cfa51ffe244fa19433bb2

    • SHA512

      394ad2545f72df2cebcb707cd94fa133464dd199aad1e5f2c105629d3f40f4f92568353f4d7ded4d745a061e82ec9d9dc2e6b9b37ace6a5e21395ee6ea315f34

MITRE ATT&CK Matrix ATT&CK v6

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Tasks