Overview

overview

10

Static

static

10

1fa9cf6d0b...18.exe

windows7-x64

1

1fa9cf6d0b...18.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1fa9cf6d0b85cd9981c4b5d24d74fcf7_JaffaCakes118

  • Size

    116KB

  • Sample

    240507-gpaypafa85

  • MD5

    1fa9cf6d0b85cd9981c4b5d24d74fcf7

  • SHA1

    5e0c364a7337ae11d31e8d04cddbcbfaa73ab7fd

  • SHA256

    fcafaf6faa71f8a2be9b8594d882b6b681e9886ac259f8e37f7ff76df153b596

  • SHA512

    1975fb7f58e0db6aaf28678ac84b27bbc3bc9f329d85cbcd6cd01549f66f747902aa7a56447b6a5437795a6511e2d2474e1d4201c76f1c7e288ed5e7e7ebd1f7

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqZIzmd:nSHIG6mQwGmfOQd8YhY0/EsUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://lbtem.flu.cc/ml/vrs/tmbr2/lok/panel/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      1fa9cf6d0b85cd9981c4b5d24d74fcf7_JaffaCakes118

    • Size

      116KB

    • MD5

      1fa9cf6d0b85cd9981c4b5d24d74fcf7

    • SHA1

      5e0c364a7337ae11d31e8d04cddbcbfaa73ab7fd

    • SHA256

      fcafaf6faa71f8a2be9b8594d882b6b681e9886ac259f8e37f7ff76df153b596

    • SHA512

      1975fb7f58e0db6aaf28678ac84b27bbc3bc9f329d85cbcd6cd01549f66f747902aa7a56447b6a5437795a6511e2d2474e1d4201c76f1c7e288ed5e7e7ebd1f7

    • SSDEEP

      1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqZIzmd:nSHIG6mQwGmfOQd8YhY0/EsUG

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks