Overview

overview

10

Static

static

3

77ba6812b4...52.exe

windows7-x64

10

77ba6812b4...52.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0fc784b6c538e7c4a5a4f4bcd8068859.bin

  • Size

    141KB

  • Sample

    240708-bdjhssxbre

  • MD5

    41d9b0edc1671d19d220e54d5a9a30a8

  • SHA1

    080b28b0ffe8c7fe55c69c35e8dba1119d23779b

  • SHA256

    23f95b475a58091a7f6c15e613697d283b80cb9b13b2cf1bb141a2064ce642cd

  • SHA512

    b54f725ee24f36afccd323ecddeb72cb6506149e278ed17b4399b60c2cb7ecc090ea7afb647c50e2c0a7cb01f514607e1e5161d9df804d75581484ea88508421

  • SSDEEP

    3072:YAt2nO5zU1/bKgGSDrYSp9EA1JECs3+kNs9b7GOswB4EWCRyfRR6:YQ2UzUluTSDrxp9Y+kNsvsbyRyfR0

Score
10/10
smokeloaderpub1backdoortrojan

Malware Config

Extracted

Family

smokeloader

Botnet

pub1

Extracted

Family

smokeloader

Version

2022

C2

http://evilos.cc/tmp/index.php

http://gebeus.ru/tmp/index.php

http://office-techs.biz/tmp/index.php

http://cx5519.com/tmp/index.php
rc4.i32
rc4.i32

Targets

    • Target

      77ba6812b4e9223398d31476512a19ce12c60cf8c9d139e4578f3f19563e0d52.exe

    • Size

      230KB

    • MD5

      0fc784b6c538e7c4a5a4f4bcd8068859

    • SHA1

      8340c0914ec651c3e4ffc7682162154505fc5f8a

    • SHA256

      77ba6812b4e9223398d31476512a19ce12c60cf8c9d139e4578f3f19563e0d52

    • SHA512

      eaeaf7633b5acc64d95d2691ef0952ea691634591dfe30e61ca2116268f007ef676507a5d67acf5265ed8308622915e1704452a59699f4be162ab9d49aa3818c

    • SSDEEP

      3072:IovqqnT/W562w1DOeZPK5gGw++afPQRMZIa/nobS0xmv/0X4KEHsy4iIT:IIqqnC56li/JfPQRmnoro33KEHW

    Score
    10/10
    smokeloaderpub1backdoortrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks