92f4947a55cb2be277eaddbf19961d1d740ec923e3ad092c04022a509882c904

General
Target

92f4947a55cb2be277eaddbf19961d1d740ec923e3ad092c04022a509882c904

Size

292KB

Sample

211224-s2rbzseef3

Score
10 /10
MD5

c510cd7a298c2a8b3776f6d4c6e9bfb4

SHA1

90a41745ceb34199a6ef116c380ff1125930db28

SHA256

92f4947a55cb2be277eaddbf19961d1d740ec923e3ad092c04022a509882c904

SHA512

c60ebee8d575202a304ca07f86ec5c6ffe3d7222cac097f19708c0f1500caa7126245e0293a183f042f06e95f66dd52bec2116fee0a84100f4f6225d4a8c1fb5

Malware Config

Extracted

Family smokeloader
Version 2020
C2

http://rcacademy.at/upload/

http://e-lanpengeonline.com/upload/

http://vjcmvz.cn/upload/

http://galala.ru/upload/

http://witra.ru/upload/
rc4.i32
rc4.i32

Extracted

Family amadey
Version 2.86
C2

2.56.56.210/notAnoob/index.php
Targets
Target

92f4947a55cb2be277eaddbf19961d1d740ec923e3ad092c04022a509882c904

MD5

c510cd7a298c2a8b3776f6d4c6e9bfb4

Filesize

292KB

Score
10/10
SHA1

90a41745ceb34199a6ef116c380ff1125930db28

SHA256

92f4947a55cb2be277eaddbf19961d1d740ec923e3ad092c04022a509882c904

SHA512

c60ebee8d575202a304ca07f86ec5c6ffe3d7222cac097f19708c0f1500caa7126245e0293a183f042f06e95f66dd52bec2116fee0a84100f4f6225d4a8c1fb5

Tags

Signatures

  • Amadey

    Description

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    Tags

  • Detect Neshta Payload

  • Modifies system executable filetype association

    Tags

    TTPs

    Modify RegistryChange Default File Association

  • Neshta

    Description

    Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    Tags

  • SmokeLoader

    Description

    Modular backdoor trojan in use since 2014.

    Tags

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Deletes itself

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local SystemCredentials in Files

Related Tasks

behavioral1
MITRE ATT&CK Matrix
Collection
Command and Control
    Credential Access
    Defense Evasion
    Discovery
    Execution
      Exfiltration
        Impact
          Initial Access
            Lateral Movement
              Persistence
              Privilege Escalation