Life After Death—SmokeLoader Continues to Haunt Using Old Vulnerabilities
Common Information
| Type | Value |
| --- | --- |
| UUID | 6cee0608-63a3-44ad-a3ff-e772f2802af3 |
| Fingerprint | ac009ddb813beaef |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 8, 2022, 6 p.m. |
| Added to db | Sept. 26, 2022, 9:34 a.m. |
| Last updated | Nov. 17, 2024, 6:54 p.m. |
| Headline | Life After Death—SmokeLoader Continues to Haunt Using Old Vulnerabilities |
| Title | Life After Death—SmokeLoader Continues to Haunt Using Old Vulnerabilities |
| Detected Hints/Tags/Attributes | 60/3/24 |
Attributes
Details Type #Events CTI Value
Details CVE 269
cve-2017-0199
Details CVE 375
cve-2017-11882
Details File 1
fg-20220629.xlsx
Details File 3
msoffcrypto-crack.py
Details File 5
receipt.doc
Details File 70
vbc.exe
Details File 1
vymxn_zfbgctbp.jpg
Details File 3
office.rtf
Details File 41
code.exe
Details File 57
eqnedt32.exe
Details File 1
vymxn_zfbgctbp.dll