Overview

overview

10

Static

static

3

3b70adb82c...18.exe

windows7-x64

10

3b70adb82c...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3b70adb82cecfa8432d9fcd60b27e81a_JaffaCakes118

  • Size

    288KB

  • Sample

    240512-wwm9xshg8v

  • MD5

    3b70adb82cecfa8432d9fcd60b27e81a

  • SHA1

    e2102d4feb827fc6b18fa7a9a1d23bca289d01f2

  • SHA256

    fe863df510daf48119986329b32b957901fd08fc952e403b05d185e2c39f0d04

  • SHA512

    d0db04d7aea5cd13fbfaaaee00e1e98e2af4bbed28b89178347aeec758790ac16baedca3c92ceb4140024ca913a8dc39ff0c21a8f5d0a0790bc7213f4ad39e91

  • SSDEEP

    6144:OEjLO3PVOTfnDMYa3/Yevc62Ieeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeei:vS9eeg

Score
10/10
lokibotcollectionspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://atpafr-international.com/hipe/Panel/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      3b70adb82cecfa8432d9fcd60b27e81a_JaffaCakes118

    • Size

      288KB

    • MD5

      3b70adb82cecfa8432d9fcd60b27e81a

    • SHA1

      e2102d4feb827fc6b18fa7a9a1d23bca289d01f2

    • SHA256

      fe863df510daf48119986329b32b957901fd08fc952e403b05d185e2c39f0d04

    • SHA512

      d0db04d7aea5cd13fbfaaaee00e1e98e2af4bbed28b89178347aeec758790ac16baedca3c92ceb4140024ca913a8dc39ff0c21a8f5d0a0790bc7213f4ad39e91

    • SSDEEP

      6144:OEjLO3PVOTfnDMYa3/Yevc62Ieeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeei:vS9eeg

    Score
    10/10
    lokibotcollectionspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks