General

  • Target

    74b0a679bf127c51b11424e2e6ce7127849c1d8e6923e526b0c4252ead8b4987

  • Size

    291KB

  • Sample

    230921-fxr2hafd95

  • MD5

    0b1be7fa95f85eab67edefa068e3b34f

  • SHA1

    ee66acaa5d20d9451862c94f5c587fb06d7067b0

  • SHA256

    74b0a679bf127c51b11424e2e6ce7127849c1d8e6923e526b0c4252ead8b4987

  • SHA512

    6476d60bf44cfdd553b8029c6a464120cd0938ab19188ffd12a83f6c82ff9949b74df9f9ffe6054c0047c3742ed4ca001da69b49e23d53e743becd625af12840

  • SSDEEP

    3072:MfXQFKTErc9IHte7DYBuVPcKtcp7iAJ964fkD27355Ge6RYhevg8jpe:eIKAr+IH0fJVUqcliGEr6tURYQg81

Malware Config

Extracted

  • Family

    smokeloader

  • Botnet

    pub1

Extracted

  • Family

    smokeloader

  • Version

    2020

  • C2

    http://host-file-host6.com/

    http://host-host-file8.com/

  • rc4.i32

  • rc4.i32

MITRE ATT&CK Enterprise v15

Tasks