General

  • Target: dfa4ec96090af6f263e52754de1e583114968bdabde14aef2969469e7ce5c299
  • Size: 317KB
  • Sample: 211203-bswrnsgec9
  • MD5: f4ceb4cedc55156299835319a785df6b
  • SHA1: 009e47890042ee4484c577a81fbe53dafffd8e44
  • SHA256: dfa4ec96090af6f263e52754de1e583114968bdabde14aef2969469e7ce5c299
  • SHA512: e984da5eed990537a94b204d14d34ca6178cdc6d63aa6f76f64f0955b7e858bd5dec57d4bd821db065041850ccf01756a949a7ec0123b67b1a42f16ad3235f50

Malware Config

Extracted

  • Family: smokeloader
  • Version: 2020
  • C2:
      https://cinems.club/search.php
      https://clothes.surf/search.php
  • rc4.i32
  • rc4.i32

MITRE ATT&CK Matrix (ATT&CK v6)

  Tactic           | Technique                     | Count | ID
  -----------------+-------------------------------+-------+------
  Execution        | Command-Line Interface        | 1     | T1059
  Persistence      | Modify Existing Service       | 1     | T1031
  Defense Evasion  | Modify Registry               | 1     | T1112
  Discovery        | Query Registry                | 1     | T1012
  Discovery        | Peripheral Device Discovery   | 1     | T1120
  Discovery        | System Information Discovery  | 3     | T1082
  Discovery        | Process Discovery             | 1     | T1057
  Collection       | Email Collection              | 1     | T1114

Tasks