General

  • Target

    a732cf8d4d21e263f45dd45a6e247c39b3e44a2a4c7d0e85cce2fb19bcb82bc0

  • Size

    321KB

  • Sample

    230923-kvh32aea9v

  • MD5

    c311053c6bebbfb1eeaf4593eddd267f

  • SHA1

    793ec0d3711a0864e50f6557cc96b47545da817e

  • SHA256

    a732cf8d4d21e263f45dd45a6e247c39b3e44a2a4c7d0e85cce2fb19bcb82bc0

  • SHA512

    cfbb9be7e31fc4f3e193e8409fb9b38b710c3a27fa21284845c8df3ffd05b4223d16b92cfb4724054e29f7663014738f38e6eb81b312ac56cf0a7177d273294c

  • SSDEEP

    3072:QUY9QqhEpdkxgpz8jIJy9RsN7oGY+O3FdfAakOBEtV67ceJ84X6LcrtxdB:TY9dhWdkxgp8IJyoG3FGOE/iceJHV

Malware Config

Extracted

  • Family

    smokeloader

  • Botnet

    pub1

Extracted

  • Family

    smokeloader

  • Version

    2020

  • C2

    http://host-file-host6.com/

    http://host-host-file8.com/

rc4.i32

