General

  • Target

    d776c69b12a9a00498f9a912cf1d888fe092c3eeb31b9736736607d3b1601c5f

  • Size

    186KB

  • Sample

    230923-ayr51aba9z

  • MD5

    f84d9531222b555aad876986d97c897c

  • SHA1

    5819b4fba849f0e021c5f007f911bd3f56b8bc2a

  • SHA256

    d776c69b12a9a00498f9a912cf1d888fe092c3eeb31b9736736607d3b1601c5f

  • SHA512

    4c30058d9ef4fd49880f73ec0a61da5da85640d6b6c6662b1fc4d5c2f9003d42f219bfc54d48eb5d0da30badafc0121f7428a6218104806b923258c3c83ceb31

  • SSDEEP

    3072:IBEm/XJIGXi/lwQ+RwfW3lBniuFGUzA370J0ga5V:liXJIQsB+Rwu3XnPUUM380P

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://gudintas.at/tmp/

http://pik96.ru/tmp/

http://rosatiauto.com/tmp/

http://kingpirate.ru/tmp/

rc4.i32
rc4.i32

MITRE ATT&CK Enterprise v15

Tasks