Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    SecuriteInfo.com.W32.Kryptik.KMY.gen.Eldorado.22433.13822

  • Size

    267KB

  • Sample

    231013-ffdsjsgd37

  • MD5

    24dbebd26b029b6304bed121b5af43c4

  • SHA1

    6657d33ab6958b155c67cc12d55647b1b0bc28ad

  • SHA256

    9e7c8aea93412acc8d8de3a956e8485a86caf40c626b2abd491bd5404df1bfbb

  • SHA512

    470559b9db03a1b3c10a6e91a1e03c6b15979a3d754c9f2a5684a06e87a9722bd7929872fa8cb15b8c5f183fead77272e57966095b493a1b608e93130db4ddf8

  • SSDEEP

    3072:QXUMeUgFUvuQ+qOsW8gPwI0eNcCOdvriM5vVos1lRLootRbrNpm:OUMeAvuQ+qOsWttcpRriMMIS

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://gudintas.at/tmp/

http://pik96.ru/tmp/

http://rosatiauto.com/tmp/

http://kingpirate.ru/tmp/

rc4.i32
rc4.i32

Targets

    • Target

      SecuriteInfo.com.W32.Kryptik.KMY.gen.Eldorado.22433.13822

    • Size

      267KB

    • MD5

      24dbebd26b029b6304bed121b5af43c4

    • SHA1

      6657d33ab6958b155c67cc12d55647b1b0bc28ad

    • SHA256

      9e7c8aea93412acc8d8de3a956e8485a86caf40c626b2abd491bd5404df1bfbb

    • SHA512

      470559b9db03a1b3c10a6e91a1e03c6b15979a3d754c9f2a5684a06e87a9722bd7929872fa8cb15b8c5f183fead77272e57966095b493a1b608e93130db4ddf8

    • SSDEEP

      3072:QXUMeUgFUvuQ+qOsW8gPwI0eNcCOdvriM5vVos1lRLootRbrNpm:OUMeAvuQ+qOsWttcpRriMMIS

MITRE ATT&CK Enterprise v15

Tasks