General

  • Target

    c7b73278305b71a7dd879956f011aa9e27c9d2ea3fc881c7b2d192451e982733

  • Size

    191KB

  • Sample

    220127-qfystsdcap

  • MD5

    312885821d19781583cf48f56dff410a

  • SHA1

    c55f89bacc53bdfed50c2821511089d65ad6c1f8

  • SHA256

    c7b73278305b71a7dd879956f011aa9e27c9d2ea3fc881c7b2d192451e982733

  • SHA512

    767f5341b016b751c9a563f8d9e88c27bbc6b9bfd95ddfdc8f5f8096d7d3ed130f95e93defac764326a581698dc60c073b1b33a6d6ceffbcc5097796bd8fd072

Malware Config

Extracted

Family

smokeloader

Version

2020

C2

http://host-data-coin-11.com/

http://file-coin-host-12.com/

rc4.i32
rc4.i32

Targets

    • Target

      c7b73278305b71a7dd879956f011aa9e27c9d2ea3fc881c7b2d192451e982733

    • Size

      191KB

    • MD5

      312885821d19781583cf48f56dff410a

    • SHA1

      c55f89bacc53bdfed50c2821511089d65ad6c1f8

    • SHA256

      c7b73278305b71a7dd879956f011aa9e27c9d2ea3fc881c7b2d192451e982733

    • SHA512

      767f5341b016b751c9a563f8d9e88c27bbc6b9bfd95ddfdc8f5f8096d7d3ed130f95e93defac764326a581698dc60c073b1b33a6d6ceffbcc5097796bd8fd072

MITRE ATT&CK Matrix ATT&CK v6

Persistence

Registry Run Keys / Startup Folder

1
T1060

Defense Evasion

Modify Registry

1
T1112

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Tasks