General

  • Target

    SecuriteInfo.com.Win32.BotX-gen.1476.23690

  • Size

    265KB

  • Sample

    231012-m2lhvagf24

  • MD5

    a25c8bcd78bfffff86e911122d610ff5

  • SHA1

    a262560b7b021156a27f2f298d48e5dcb08d9506

  • SHA256

    739c8d45ca4059f0b591bd553bdab486519b663fb092ad11868a8c6c3d9ec022

  • SHA512

    fd485e565f03b62eb7088ec7a23d00cd0b615cd1e74fff71a4a7059d8770e15d26f67d8e78d21f7ded8cdb4f3fc89a33d8dda25713bfb381c0aa8ceb3257186a

  • SSDEEP

    3072:jWXHhrbPgrVGZotfogCbfMv9m3+fe+vTUgryv2ldDzPV:yBrErEZoRdqUv4Om+vTrm2ldDz

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://gudintas.at/tmp/

http://pik96.ru/tmp/

http://rosatiauto.com/tmp/

http://kingpirate.ru/tmp/

rc4.i32
rc4.i32

Targets

    • Target

      SecuriteInfo.com.Win32.BotX-gen.1476.23690
