General

  • Target

    a59fd2f2d1845da759e3a7a3feeedc1d1c4fdc4b068b03edfdd0d97dcd3c0fe8

  • Size

    208KB

  • Sample

    230921-e21nrsfb46

  • MD5

    97076745bf434fda6663f2a0fa7d7e73

  • SHA1

    641b6a86f9e65d39bde3e5f9c0fe7eda778b0b70

  • SHA256

    a59fd2f2d1845da759e3a7a3feeedc1d1c4fdc4b068b03edfdd0d97dcd3c0fe8

  • SHA512

    481ea8fed59de41431e73d45d993d75e6f437a21a837ecb6b8df110780e7333b9bd044edaa6b0795748a5a8a0cf094408d11fcc1e5cefc04a0696a92f2b18ab8

  • SSDEEP

    3072:mX2gqnUcY0Ksmi7n1Gc+yFSjo/QNH030k/D9Yunuv25Jn7TfEif3:OtI+0KKjxFS8/Q0hD7uvin7Tr

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://gudintas.at/tmp/

http://pik96.ru/tmp/

http://rosatiauto.com/tmp/

http://kingpirate.ru/tmp/

rc4.i32
rc4.i32
