General

  • Target

    6f11b6baad406aa223f72545d807e8f9.exe

  • Size

    896KB

  • Sample

    210112-rsy7j3n2vj

  • MD5

    6f11b6baad406aa223f72545d807e8f9

  • SHA1

    2536e4e60bf71286db7f8a0c16fcbb68ca6944d1

  • SHA256

    bc4bab61ab8b90451441bacba2edad8c1acd2a93c0318f4f4aa303627c4e7e3a

  • SHA512

    28c0cfbdd1bf5aaf30a63d4f7e5a06e28a9f66356d2ddee297a50cda56a9f895e2036d36efe90d7a9e0cecbe49a518f030d4906b7f3616acfe82ab6b30c4b91b

Malware Config

Extracted

Family

lokibot

C2

https://worldpackmx.com/wfretyuil/Panel/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Install Root Certificate (T1130): 1

  • Modify Registry (T1112): 1

Tasks