Overview

overview

10

Static

static

1

22f50ef32d...cb.exe

windows7-x64

10

22f50ef32d...cb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    22f50ef32d23e0f441da489071ca1ecb.exe

  • Size

    597KB

  • Sample

    230330-jcegfsbe39

  • MD5

    22f50ef32d23e0f441da489071ca1ecb

  • SHA1

    b3d1136a952d4c15df83178595e89e2f643ac89e

  • SHA256

    50ae1cc086fc3faeeb453c5923097b9328b63bbe19ed9f9c226bbb1b49a1917d

  • SHA512

    15c4d386d866d97fd3abf4dbf0f70e3b1b0db6043a545f6f859977e41c10203e6f8410b5daf877b5c985e32ed759615bf59fab5f3960e6967b0574fd3997e1b1

  • SSDEEP

    12288:xQxy0FBF2J5SWzDv7SMvUvH8QKuyywV36hu6:xkH2J5SWzDvC8QVwV3C1

Score
10/10
smokeloaderswobackdoortrojan

Malware Config

Extracted

Family

smokeloader

Botnet

swo

Extracted

Family

smokeloader

Version

2020

C2

http://akmedia.in/js/k/index.php

http://bethesdaserukam.org/setting/k/index.php

http://stemschools.in/js/k/index.php

http://dejarestaurant.com/wp-admin/js/k/index.php

http://moabscript.ir/wp-admin/js/k/index.php

http://nicehybridseeds.com/image/catalog/k/index.php

http://imaker.io/picktail/js/k/index.php

http://nanavatisworld.com/assets/js/k/index.php

http://smartbubox.com/img/k/index.php

http://krigenpharmaceuticals.com/js/k/index.php
rc4.i32
rc4.i32

Targets

    • Target

      22f50ef32d23e0f441da489071ca1ecb.exe

    • Size

      597KB

    • MD5

      22f50ef32d23e0f441da489071ca1ecb

    • SHA1

      b3d1136a952d4c15df83178595e89e2f643ac89e

    • SHA256

      50ae1cc086fc3faeeb453c5923097b9328b63bbe19ed9f9c226bbb1b49a1917d

    • SHA512

      15c4d386d866d97fd3abf4dbf0f70e3b1b0db6043a545f6f859977e41c10203e6f8410b5daf877b5c985e32ed759615bf59fab5f3960e6967b0574fd3997e1b1

    • SSDEEP

      12288:xQxy0FBF2J5SWzDv7SMvUvH8QKuyywV36hu6:xkH2J5SWzDvC8QVwV3C1

    Score
    10/10
    smokeloaderswobackdoortrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks