b48bedacf7e54e532d5d32aefe7e43a1fe597edd91086119765af77b5c065ed3.exe

General
Target

b48bedacf7e54e532d5d32aefe7e43a1fe597edd91086119765af77b5c065ed3.exe

Size

1MB

Sample

210114-wmrbtqkz32

Score

10/10

MD5

aedfd31737c70958efe28d1006d50d20

SHA1

0131cd4e5390fb80265b33f5b16acd4b238e92aa

SHA256

b48bedacf7e54e532d5d32aefe7e43a1fe597edd91086119765af77b5c065ed3

SHA512

a2004552de52ceb2729b48d48bdcce2237aac36121b4a1614b2f34e7dd569e63a4d3099a3c0bf4d7dbe9740250655fd18b3635043b1396dc544dad47add6fc7b

Malware Config

Extracted

Family

lokibot

C2

http://51.195.53.221/p.php/HsSpKI8PLZu2g

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

MITRE ATT&CK Matrix
Collection
Command and Control
Credential Access
Defense Evasion
Discovery
Execution
Exfiltration
Impact
Initial Access
Lateral Movement
Persistence
Privilege Escalation

Tasks

static1

behavioral1

10/10

behavioral2

10/10