Overview

overview

10

Static

static

10

2c5dd3e516...18.exe

windows7-x64

1

2c5dd3e516...18.exe

windows10-2004-x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2c5dd3e5163ab652f160ad2097947e8b_JaffaCakes118

  • Size

    648KB

  • Sample

    240510-aehr8afa6w

  • MD5

    2c5dd3e5163ab652f160ad2097947e8b

  • SHA1

    7bc781d104b9a5d05427be65c9894debf322d02a

  • SHA256

    b2414df7117b7f9430374f246d9e510b5c4d797ec894977b3682dbc18dd64053

  • SHA512

    c537d8ce31d1ddef7760896bb6eec78e79bb72d522f7b67e2a56dccbef818355d45cc27b3105529b638e9f207d54ababd52096cf3521826815cd000d90726891

  • SSDEEP

    1536:SzvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqoIzmd:pSHIG6mQwGmfOQd8YhY0/EpUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://91.243.81.5/babak/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      2c5dd3e5163ab652f160ad2097947e8b_JaffaCakes118

    • Size

      648KB

    • MD5

      2c5dd3e5163ab652f160ad2097947e8b

    • SHA1

      7bc781d104b9a5d05427be65c9894debf322d02a

    • SHA256

      b2414df7117b7f9430374f246d9e510b5c4d797ec894977b3682dbc18dd64053

    • SHA512

      c537d8ce31d1ddef7760896bb6eec78e79bb72d522f7b67e2a56dccbef818355d45cc27b3105529b638e9f207d54ababd52096cf3521826815cd000d90726891

    • SSDEEP

      1536:SzvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqoIzmd:pSHIG6mQwGmfOQd8YhY0/EpUG

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks