Overview

overview

10

Static

static

3

Invoice.exe

windows7-x64

10

Invoice.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Invoice.exe

  • Size

    618KB

  • Sample

    230802-hzx2msdd39

  • MD5

    0ec1d84d5b4341f2cdb130ef101e816e

  • SHA1

    06b7e6c7ab9c3c709e3d8fd106db4a979ac75996

  • SHA256

    99f5e3a59b1b019cd00d00d5a0209b99b2ae94ae02e8ff395b194a4ccb7873ee

  • SHA512

    567277f7550fd3310b466fcdce33fa7e12ab9d9dddf775f8052cc7a379c1e92bbc4881f0994334b3a0153c7eadbe355551bb3533df5bfa7fe92016e9e0792937

  • SSDEEP

    12288:MdF0BaoGoCSk/L/jPChvsjTgee1m9EZpNC:C2BaoGoCSyLrPC1ifDiC

Score
10/10
lokibotspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://2.59.254.19/noko/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      Invoice.exe

    • Size

      618KB

    • MD5

      0ec1d84d5b4341f2cdb130ef101e816e

    • SHA1

      06b7e6c7ab9c3c709e3d8fd106db4a979ac75996

    • SHA256

      99f5e3a59b1b019cd00d00d5a0209b99b2ae94ae02e8ff395b194a4ccb7873ee

    • SHA512

      567277f7550fd3310b466fcdce33fa7e12ab9d9dddf775f8052cc7a379c1e92bbc4881f0994334b3a0153c7eadbe355551bb3533df5bfa7fe92016e9e0792937

    • SSDEEP

      12288:MdF0BaoGoCSk/L/jPChvsjTgee1m9EZpNC:C2BaoGoCSyLrPC1ifDiC

    Score
    10/10
    lokibotspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks