General

  • Target

    DHL Express_D09884445.exe

  • Size

    495KB

  • Sample

    230717-gvwscabb6x

  • MD5

    e7d0fee78fbbd99cc4d5fbede8a87f1e

  • SHA1

    b20ac6c0c1880785878030c2d1a415b2649032db

  • SHA256

    2039b244c42b06c3133712d5ac6819bb3a913fc3fa837c2f533aa9eef6380024

  • SHA512

    94b8a9e742ef394b8a76ce25b7d790aad2e0dd58ee5029459ea5bbe5066ac526d72ad5afff840c008931c0affbbb9b2ee08f1a9d43678c889ee09f862c7a3268

  • SSDEEP

    12288:4qTrQaSejL8Zm9Yfk3nGtTktmile5HVjgoLUzVN+7:4qTrQaSejL8Zm9Yf8w5iU5ZTaVN+

Malware Config

Extracted

Family

lokibot

C2

http://138.68.56.139/?p=2744

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      DHL Express_D09884445.exe

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, among other things.

    • Accesses Microsoft Outlook profiles

    • Suspicious use of SetThreadContext
