General

  • Target

    Pro_forma Invoice.exe

  • Size

    406KB

  • Sample

    210118-lmlsxqr4c6

  • MD5

    5dd45d81f49a7d05b59e8474353ba349

  • SHA1

    848f7fe6b653b4e99359214a971238762c1068de

  • SHA256

    1d8b63ccbfeef2f52442a343a4c5a3b7d516512f1b5137a7e4f79b602706c8b3

  • SHA512

    0e02ce6332699eb9e13345046a1d332ec9521f519a1438fe78c83a26db730e5372ffacc0313335f24a2fe18598f93d14966dfc1f5456e6096107af9b127edae1

Malware Config

Extracted

Family

lokibot

C2

http://51.195.53.221/p.php/EYP1P8zvVgHWX

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

