General

  • Target

    33801ad7d3e66e50a168a1a511a09f56e6297bc36418abffe2106f5fdc7037db

  • Size

    216KB

  • Sample

    240122-ffwy5agfgm

  • MD5

    0af8a56340924ca3919f31d96aba135d

  • SHA1

    ea7a8a8fcad3584ec328a70a5cb89da58799ed48

  • SHA256

    33801ad7d3e66e50a168a1a511a09f56e6297bc36418abffe2106f5fdc7037db

  • SHA512

    aee1f3547aa22ca4a563e82c9be68694234ebc4fce5449d51199fbe5c4bb16476709c870769b50e259487827bc4b4e153a73bd45070d7b1e4cfbe35539fd24df

  • SSDEEP

    3072:2aAVkKKz6bqDSwlsjpBZ1AIWeJ59E8GNMxt6UZZFHA1ZTgMXEfpF:2a125jXZ1XWeJ59E8bt6qHA3gMXI

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://gxutc2c.com/tmp/index.php

http://proekt8.ru/tmp/index.php

http://mth.com.ua/tmp/index.php

http://pirateking.online/tmp/index.php

http://piratia.pw/tmp/index.php

http://go-piratia.ru/tmp/index.php

rc4.i32
rc4.i32
