General
Target: 275021d22c37a2e2f124512f67948f02_JaffaCakes118
Size: 243KB
Sample: 240508-3ya6pseg7v
MD5: 275021d22c37a2e2f124512f67948f02
SHA1: e9fc6d024577a20cb52c491a71fb7bd8a654ad70
SHA256: 3d013ade0afd70874b75e9190f63a98290b544467c5867a6d3048ea105e7252c
SHA512: 24f8c368abf1421d0b0a2755f6115f14bad2bf16c44d5226cbafd657001c4faee96140ec4830a291e0f62368928d2a24c357110b06e100dd9d2b0a8b01ca323e
SSDEEP: 3072:JIdKU+VGUzdMinPradcljSPQR3Wqt5D5m4BxNWJoEPE9I:idKU+VXxnedclOPQRRNm4fItq
Behavioral task: behavioral1
Sample: 275021d22c37a2e2f124512f67948f02_JaffaCakes118.exe
Resource: win7-20240221-en
Malware Config
Extracted
lokibot
http://richiechris.cf/wp/wp-content/oko/Panel/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: 275021d22c37a2e2f124512f67948f02_JaffaCakes118
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext