General

  • Target

    a5a107e890080f3642ebe97a41abdecab2113fe981569361e9ebb4f96ab5d078

  • Size

    186KB

  • Sample

    230923-aylyzsba9v

  • MD5

    5e24e3e53137efe701b18e01b83cde73

  • SHA1

    c2561797a85b99d192a09c479f6dabd88baaaae4

  • SHA256

    a5a107e890080f3642ebe97a41abdecab2113fe981569361e9ebb4f96ab5d078

  • SHA512

    e96e8d998b97e6520041f0502da2d2e14e398a0e7dfa41515d30f3d5f12a92c84e7d5f608d9d82f830cf7347cb9e44244ead88fb0338428e60e24f8199b9f701

  • SSDEEP

    3072:QrH1yFMngccXYGhFMUgBLxWlJa+wedYuc/vR6j2xxiLYD51Qez:QZyFMng/70UwKa+wkYuc/5E2qEzQ

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://gudintas.at/tmp/

http://pik96.ru/tmp/

http://rosatiauto.com/tmp/

http://kingpirate.ru/tmp/

rc4.i32
rc4.i32

