General

  • Target

    81168f96d9b17f0440cc86fb849517c5.exe

  • Size

    252KB

  • Sample

    240126-s17btaggh3

  • MD5

    81168f96d9b17f0440cc86fb849517c5

  • SHA1

    a6fae4fcf053a324c7b12e1b264892549f2ceade

  • SHA256

    341559cdf94886f8f52d9f0a9f68b86efe347c5f12f52feb3aab5fd207a27443

  • SHA512

    36c0448677232305b7f36ef4a8a5c3310ae0ad8c26f45a2415960ccd73c405239e3caf73041cfa762e23231c1914e5199ecadc6c71ff55fa1ae34587c6d0c4a2

  • SSDEEP

    3072:MY21LLg5DLwq9fkLIvr3g6fntE/bLFh20GZ8A5mUVgaHTGi0D3:ALUFLh+0QbqDqLduT4

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

rc4.i32
rc4.i32
