2598d8fe011595cd74778112ae8704ae239444808cd3dd5938f800f16d8ae1b0.exe

General
Target

2598d8fe011595cd74778112ae8704ae239444808cd3dd5938f800f16d8ae1b0.exe

Size

249KB

Sample

210114-3krxrm7b5a

Score

10/10

MD5

bbe29e9d318bce730a758a02133d753d

SHA1

da513bed0c7f0d7d595cbd23b3858e0daea8f2b5

SHA256

2598d8fe011595cd74778112ae8704ae239444808cd3dd5938f800f16d8ae1b0

SHA512

7b4d3ccf858d7744a26aed2f2e0d66f35ff3ae6df7b1d08a215fa501d62c242e4a497d0fb0500fce864689e47ace5d1c089cd4f3e26cc502da4b072629792b94

Malware Config

Extracted

Family lokibot
C2

http://208.70.248.230/ty/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

MITRE ATT&CK Matrix

Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1

behavioral1

10/10

behavioral2

10/10