General

  • Target

    5454718e78b8dedd6d00cdb377fce6541d6456ea690f7e9fa64cc37ecdaa2489

  • Size

    294KB

  • Sample

    230922-ev7thach2z

  • MD5

    ba46aac85484a5e446516a53359ef71d

  • SHA1

    fc487c46fb047de9a8d0c7433c11d97703f81704

  • SHA256

    5454718e78b8dedd6d00cdb377fce6541d6456ea690f7e9fa64cc37ecdaa2489

  • SHA512

    924d02a9a757129858ee1d8300f30d1d824ee254192d2f0e69a7aaaff025d905c3603caf8d8254f184f58871b3860a3fb93340d4d5b544d91304f21807160bad

  • SSDEEP

    3072:qKCXgprSm/dJnNxj1bWTClwsG69KwO864vy+MP+udjuyg87dB:DCgBS2fxB+C9jKwO864vy+i+utxg8Z

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://gudintas.at/tmp/

http://pik96.ru/tmp/

http://rosatiauto.com/tmp/

http://kingpirate.ru/tmp/
