General

  • Target

    a0bc958c81c42176ea1ec26a1b967994f3b52898652aafd47120cb6508a4f930

  • Size

    269KB

  • Sample

    230328-lj7gxsab74

  • MD5

    e94aea991423ecc63d2be327c07f47ef

  • SHA1

    686e26ba6f19373aab692161092dbd1ea109f1da

  • SHA256

    a0bc958c81c42176ea1ec26a1b967994f3b52898652aafd47120cb6508a4f930

  • SHA512

    a82315eb5739546b6bda2c3c75496380061ffbc19ae05043f5c6fbace0c60d52225a7f7458c9d29c08c62fd33a2e3158e50604970b4c00286be8b547d575eaa0

  • SSDEEP

    3072:CoQQ58KxII1DmfBJP8F+5CMxudQxYLFZ3JA0ITzeYhujrFn5XdlmhZ:w5Kb1DqBJA6aFBJAXThujh6

Malware Config

Extracted

Family

smokeloader

Botnet

sprg

Extracted

Family

smokeloader

Version

2022

C2

http://hoh0aeghwugh2gie.com/

http://hie7doodohpae4na.com/

http://aek0aicifaloh1yo.com/

http://yic0oosaeiy7ahng.com/

http://wa5zu7sekai8xeih.com/

rc4.i32
rc4.i32


MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2

  • Peripheral Device Discovery (T1120): 1

  • System Information Discovery (T1082): 1
