General

  • Target

    40c624a1492477b0ed0e5c704447d95f728dfe41b7e857cd1c5018e8d3b3df65

  • Size

    294KB

  • Sample

    230922-ev43lsch2y

  • MD5

    a2d237a8dcda5047bb9e612825ebc499

  • SHA1

    d4f6d2707f5fc415ec85dcea2b318e1c3d97209c

  • SHA256

    40c624a1492477b0ed0e5c704447d95f728dfe41b7e857cd1c5018e8d3b3df65

  • SHA512

    8e789640a564baa078db349483844acc6f8004d1338bf61c643a9f48a358e75b382b98f991b95901a9a29cf0075962ee312bab8f26492dddd8c183d37d160f14

  • SSDEEP

    6144:ckdkZSl4JZNfVgQl6B0zTxjq7imHvFg8F:ckdkIOJZNfNl6GzTSPe8

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://gudintas.at/tmp/

http://pik96.ru/tmp/

http://rosatiauto.com/tmp/

http://kingpirate.ru/tmp/

rc4.i32
rc4.i32

Targets

    • Target

      40c624a1492477b0ed0e5c704447d95f728dfe41b7e857cd1c5018e8d3b3df65

    • Size

      294KB

    • MD5

      a2d237a8dcda5047bb9e612825ebc499

    • SHA1

      d4f6d2707f5fc415ec85dcea2b318e1c3d97209c

    • SHA256

      40c624a1492477b0ed0e5c704447d95f728dfe41b7e857cd1c5018e8d3b3df65

    • SHA512

      8e789640a564baa078db349483844acc6f8004d1338bf61c643a9f48a358e75b382b98f991b95901a9a29cf0075962ee312bab8f26492dddd8c183d37d160f14

    • SSDEEP

      6144:ckdkZSl4JZNfVgQl6B0zTxjq7imHvFg8F:ckdkIOJZNfNl6GzTSPe8

MITRE ATT&CK Enterprise v15

Tasks