fbd74982061c5b8a51bb7513c681b9ef6a89d163fa9d451191899d10d15ceab8

General
Target

fbd74982061c5b8a51bb7513c681b9ef6a89d163fa9d451191899d10d15ceab8

Size

292KB

Sample

211224-teb48aeeh8

Score
10 /10
MD5

10faa416691892159990764fbb680344

SHA1

a48fa141a23829a4799e8fc5a2685df5192c6897

SHA256

fbd74982061c5b8a51bb7513c681b9ef6a89d163fa9d451191899d10d15ceab8

SHA512

cdaffcca120448607453dccb4de40c5446c1167b18c5a3763faa322dfabeafa36e4d0a7f898c2850fc8a3ceb201711624a9727a6a71cdfe996db49d31a150313

Malware Config

Extracted

Family smokeloader
Version 2020
C2

http://rcacademy.at/upload/

http://e-lanpengeonline.com/upload/

http://vjcmvz.cn/upload/

http://galala.ru/upload/

http://witra.ru/upload/
rc4.i32
rc4.i32

Extracted

Family amadey
Version 2.86
C2

2.56.56.210/notAnoob/index.php
Targets
Target

fbd74982061c5b8a51bb7513c681b9ef6a89d163fa9d451191899d10d15ceab8

MD5

10faa416691892159990764fbb680344

Filesize

292KB

Score
10/10
SHA1

a48fa141a23829a4799e8fc5a2685df5192c6897

SHA256

fbd74982061c5b8a51bb7513c681b9ef6a89d163fa9d451191899d10d15ceab8

SHA512

cdaffcca120448607453dccb4de40c5446c1167b18c5a3763faa322dfabeafa36e4d0a7f898c2850fc8a3ceb201711624a9727a6a71cdfe996db49d31a150313

Tags

Signatures

  • Amadey

    Description

    Amadey bot is a simple trojan bot primarily used for collecting reconnaissance information.

    Tags

  • Detect Neshta Payload

  • Modifies system executable filetype association

    Tags

    TTPs

    Modify RegistryChange Default File Association

  • Neshta

    Description

    Malware from the neshta family is designed to infect itself into other files to spread itself and cause damage.

    Tags

  • SmokeLoader

    Description

    Modular backdoor trojan in use since 2014.

    Tags

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Deletes itself

  • Reads user/profile data of web browsers

    Description

    Infostealers often target stored browser data, which can include saved credentials etc.

    Tags

    TTPs

    Data from Local SystemCredentials in Files

Related Tasks

behavioral1
MITRE ATT&CK Matrix
Collection
Command and Control
    Credential Access
    Defense Evasion
    Discovery
    Execution
      Exfiltration
        Impact
          Initial Access
            Lateral Movement
              Persistence
              Privilege Escalation