Overview

overview

10

Static

static

3

file.exe

windows7-x64

10

file.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file.exe

  • Size

    219KB

  • Sample

    240524-qrs2qaff8z

  • MD5

    503e59094f106fd25a0a6193d7556cdc

  • SHA1

    f255f91c7d8fc94e4ec265b9ae5d2752c66b8fa2

  • SHA256

    71480fc81a1e0eb85d94e08b31fa257204200371c01fbc3cbf7c45a622e66da3

  • SHA512

    99d73876925ad80afbdecb675b911a4043e146fa4a5370444467cf3532d228d702131c4e0d57be897e08adb42b20a4e8d3069274a14a4c2ae1035e0ef54c80fa

  • SSDEEP

    3072:Wu5cM9Mh1cHctcQI041+TBhLyRd5rZmSUZ1ivIRFC2sx++cQN/pLpay:CM9bscR00+85rZfUDivIzy+BCh

Score
10/10
smokeloaderpub1backdoorpersistencetrojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://trad-einmyus.com/index.php

http://tradein-myus.com/index.php

http://trade-inmyus.com/index.php
rc4.i32
rc4.i32

Targets

    • Target

      file.exe

    • Size

      219KB

    • MD5

      503e59094f106fd25a0a6193d7556cdc

    • SHA1

      f255f91c7d8fc94e4ec265b9ae5d2752c66b8fa2

    • SHA256

      71480fc81a1e0eb85d94e08b31fa257204200371c01fbc3cbf7c45a622e66da3

    • SHA512

      99d73876925ad80afbdecb675b911a4043e146fa4a5370444467cf3532d228d702131c4e0d57be897e08adb42b20a4e8d3069274a14a4c2ae1035e0ef54c80fa

    • SSDEEP

      3072:Wu5cM9Mh1cHctcQI041+TBhLyRd5rZmSUZ1ivIRFC2sx++cQN/pLpay:CM9bscR00+85rZfUDivIzy+BCh

    Score
    10/10
    smokeloaderpub1backdoorpersistencetrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks