General

  • Target

    09ae5b72d7b3da05904c0edf9985ca64bca078f0a38e01eaceccc26bc2113fd8.exe

  • Size

    210KB

  • Sample

    240523-be8jbafg5w

  • MD5

    a66f7c783c40326c27fad4db5587dc85

  • SHA1

    77212137e94cd93a955374ff013d5ae8c92a0af5

  • SHA256

    09ae5b72d7b3da05904c0edf9985ca64bca078f0a38e01eaceccc26bc2113fd8

  • SHA512

    15fe97c4dcf2f0435e5b18840a7aea540bcff40566c5ae45dea3df03647aeb3e004de8bc773d5badf1fcdea76be7a854613784cbba06aa55064b6023acb8e188

  • SSDEEP

    3072:sskFUgrChWOZ55UV9+GSi/6nIFjkFce9SkqB/3cx+JB/gjSQYUbJJRN5pwYS:MFL2WOH6fajL9Hw3O+JBkY+/fuY

Malware Config

Extracted

Family

smokeloader

Botnet

sel2

Extracted

Family

smokeloader

Version

2022

C2

https://airwide-land.com/calcroom.php

https://summerwaterhall.com/calcroom.php

rc4.i32
rc4.i32

Targets

    • Target

      09ae5b72d7b3da05904c0edf9985ca64bca078f0a38e01eaceccc26bc2113fd8.exe

    • Size

      210KB

    • MD5

      a66f7c783c40326c27fad4db5587dc85

    • SHA1

      77212137e94cd93a955374ff013d5ae8c92a0af5

    • SHA256

      09ae5b72d7b3da05904c0edf9985ca64bca078f0a38e01eaceccc26bc2113fd8

    • SHA512

      15fe97c4dcf2f0435e5b18840a7aea540bcff40566c5ae45dea3df03647aeb3e004de8bc773d5badf1fcdea76be7a854613784cbba06aa55064b6023acb8e188

    • SSDEEP

      3072:sskFUgrChWOZ55UV9+GSi/6nIFjkFce9SkqB/3cx+JB/gjSQYUbJJRN5pwYS:MFL2WOH6fajL9Hw3O+JBkY+/fuY

MITRE ATT&CK Enterprise v15

Tasks