General

  • Target

    d8b4d0391a358c9279a298057a4b46d2378679c9d2e8e174d993c8d77c057a91

  • Size

    30KB

  • Sample

    240419-w5swrscb29

  • MD5

    11514a8ccb7bec2db042dddcb628f880

  • SHA1

    da64664f487c8210283eb9d5ee9b189ff2cf2546

  • SHA256

    d8b4d0391a358c9279a298057a4b46d2378679c9d2e8e174d993c8d77c057a91

  • SHA512

    53ef648b5e047f3b0dfd54c01685ab441b05e21dd8e2831e03b0abf6407dd2aa32e121f622ddf6ab2b37570ee690fe8a4946dd5fd48b573729dc472e29778834

  • SSDEEP

    768:dFTzJlbT0RBWoBTb9QF8zk4yai9awOTlYiDb29lqy9Xn2kpias:dVdBT4WNF8zfuA9lDv29lHXnfg

Malware Config

Extracted

Family

smokeloader

Version

2022

C2

rc4.i32

Targets

    • Target

      d3fe939abc37519cf9968874270d356abd8b10887ce7e78a5fb1624d288f14b8

    • Size

      32KB

    • MD5

      42ab13a5f832f542d18083839671b340

    • SHA1

      891e8820dd0e4d1b9d47bc34ed92538f5081bca2

    • SHA256

      d3fe939abc37519cf9968874270d356abd8b10887ce7e78a5fb1624d288f14b8

    • SHA512

      f367782e62ecf6d93d7cce5a6bdf98d50ecca91ff22069c8680c11b1416c4249f22719209ad79715021cc45dfcf4fa455012a1f6d4f8755283d73da4395cd1e3

    • SSDEEP

      384:iUOmU60f/d3qUxoENQ2jUoa7S8RekDH3KwUXbvH/D04IuXtGHU2IFNPOn4Q8hRhL:0mf0Xd6hul4OWHa7bD3g02yRlQE3ul

MITRE ATT&CK Enterprise v15

Tasks