Update smoke_out_08_05_2023_DE.txt

SmokeLoader/smoke_out_08_05_2023_DE.txt

@@ -9,13 +9,21 @@ http://aek0aicifaloh1yo.com/
 http://wa5zu7sekai8xeih.com/
 https://nftsmean.com/pro2.exe
 http://hugersi.com/dl/6523.exe
-https://transfer.sh/get/umExQk/Installer.exe
 http://host-file-host6.com/
 http://potunulit.org/
 http://hie7doodohpae4na.com/
-https://transfer.sh/get/pQFK0P/telegram74567.exe
-https://transfer.sh/get/me4bBe/424242.exe
 https://cdn.discordapp.com/attachments/920726397322928168/1079835676448669768/qwfqwf.exe
 https://apnamachine.com/tmp/index.php
 http://colisumy.com/dl/buildz.exe
 https://cdn.discordapp.com/attachments/1091449028107051142/1094520407274569738/bildak.exe
+
+
+Analyzed:
+https://transfer.sh/get/umExQk/Installer.exe -> 
+https://github.com/test93872/demo5/raw/main/plugin_3.dll + 
+https://github.com/test93872/demo5/raw/main/plugin_4.dll -> 
+XMRig: rx.unmineable.com (cmd: -o rx.unmineable.com:3333 -a rx -k -u RVN:RLsJPUyyYN5HwREgBrsRy6wcz2x3VNKx1s.RIG_CPU -p x --cpu-max-threads-hint=50)
+
+https://transfer.sh/get/pQFK0P/telegram74567.exe -> RedLine (C2: 217.182.15.146:7357) Botnet: LogsDiller Cloud (Telegram: @logsdillabot)
+
+https://transfer.sh/get/me4bBe/424242.exe -> RedLine (C2: 45.9.74.140:6885)