General

  • Target

    47fcab617e1d8df0947a49e9a30d733fcadfac4b7cb457362bcb964f1779bf5a

  • Size

    126KB

  • Sample

    240417-r8z22ada29

  • MD5

    49450d02f874fbd7dd8422174b5cfdce

  • SHA1

    7694b06d994d794e1a20a8e7aa148fe14b80d1b7

  • SHA256

    47fcab617e1d8df0947a49e9a30d733fcadfac4b7cb457362bcb964f1779bf5a

  • SHA512

    f1ccc9023b3e170ba7c6d14b813d8791784cb1e85e2dca49ceb29ab47577d7618338486d467f5198b9a4460cc58f18bb517713e633985de79e284b53718318b1

  • SSDEEP

    3072:3vo23VgJhelloju7Kzv+jnK7b6CnAaVX2jWkrr55IOh4cKC3Zf:13V7liu7Kzv+IbRX2jWkrF5I5C3F

Malware Config

  • Extracted

    Family

    smokeloader

    Botnet

    pub1

  • Extracted

    Family

    smokeloader

    Version

    2022

    C2

    http://humydrole.com/tmp/index.php
    http://trunk-co.ru/tmp/index.php
    http://weareelight.com/tmp/index.php
    http://pirateking.online/tmp/index.php
    http://piratia.pw/tmp/index.php
    http://go-piratia.ru/tmp/index.php

    rc4.i32
    rc4.i32

Targets

    • Target

      80cbf7bf0909ce0c9685c4529506d58d49042c0fe73d179dd31adea6330362f0.exe

    • Size

      178KB

    • MD5

      90af32f9a5edb54218ae12ee1215f087

    • SHA1

      aa8b6eae0e75fb09b72906d0c467eb99f577ecc4

    • SHA256

      80cbf7bf0909ce0c9685c4529506d58d49042c0fe73d179dd31adea6330362f0

    • SHA512

      fa683920d61c2b5c309f414a100cf6dd1a2eae1c1e3eef637643976202963c42d65d5d6bd7dc990ae8736e75d24129a307cd6fff48cfff4cad47f80f1eab13c4

    • SSDEEP

      3072:OIfZdZLY7ADI+nD4tsACagHrzlRwU5JrUq9Qn3BJ397JxCtU8EE69m:VfZdZLY7Ac+ncaagHLwU/rUMQnxJN7Lp

MITRE ATT&CK Matrix (ATT&CK v13)

  • Discovery

    Query Registry: 1 (T1012)
    Peripheral Device Discovery: 1 (T1120)
    System Information Discovery: 1 (T1082)

Tasks