General

  • Target

    6d855b291f7adddcbcac1bddf9e8b53eaacb83832400334ff4c24b6000bd31a8

  • Size

    252KB

  • Sample

    240228-fgyjcabf39

  • MD5

    0a59ec2759c8233f27678be7ccf19dbf

  • SHA1

    8ae39c87f469c9ec4d4f56ec29cb98cea221ce10

  • SHA256

    6d855b291f7adddcbcac1bddf9e8b53eaacb83832400334ff4c24b6000bd31a8

  • SHA512

    0ee7d32d51309ce95471f653c76cd658f4546acd6c0c63f0810bd4deb68b5bd1ee6d8925e5d5a77bcf3f4086638c9eb5012abc3ac4027926e40489d465bf0c69

  • SSDEEP

    3072:VswyjReihT9ug20XBcDtMF2ErsaLFm3ygb74V1SFQtXzUg5dbLTFnx:ChT4g6MsEomub7CSGpQMbLT

Malware Config

Extracted

Family

smokeloader

Botnet

pub3

Extracted

Family

smokeloader

Version

2022

C2

http://kamsmad.com/tmp/index.php

http://souzhensil.ru/tmp/index.php

http://teplokub.com.ua/tmp/index.php

rc4.i32
