General

  • Target

    81b199ce993d2f4aaf29627839a1ce4f9bda21d5f0f1bd6d3346384edb7a350c

  • Size

    163KB

  • Sample

    240226-m5l9jsbh69

  • MD5

    9f0ca87d8c675491de9aaddd26c9ad7d

  • SHA1

    faa7a39a8f9fa7498541a31b4eb8e786add834cc

  • SHA256

    81b199ce993d2f4aaf29627839a1ce4f9bda21d5f0f1bd6d3346384edb7a350c

  • SHA512

    842a5a893a0bc5befcfd224b67d937dcf174f10e7ef80b75d4b34f74217ddf1230bdf2d83628a803ab15d4ce23ee05f294c840e141498f7ecfff19ad1fe029ed

  • SSDEEP

    3072:k73vfdGdDEac+lRJTZFVW0J1WewwD677xL/2Uim/cz:kblGdQac+pTFWC1W26nV+mE

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Extracted

Family

smokeloader

Version

2022

C2

http://kamsmad.com/tmp/index.php

http://souzhensil.ru/tmp/index.php

http://teplokub.com.ua/tmp/index.php

rc4.i32

MITRE ATT&CK Enterprise v15

Tasks