Overview

overview

10

Static

static

10

61d58a52c9...18.exe

windows7-x64

10

61d58a52c9...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    61d58a52c94cbde716aad05ad5418015_JaffaCakes118

  • Size

    104KB

  • MD5

    61d58a52c94cbde716aad05ad5418015

  • SHA1

    6270bbecb81946596e572e0854a6c4329c330324

  • SHA256

    b338ca623279ec0f602a0157e44696b50d1b8aec8914457f9e9f67ea89b9ad1a

  • SHA512

    8ee61e9b9b85ddeaee063cbe8a7dd9312770ea7c559ab111a3a9967e48fb3b13305bc20b3fc1645a351ee47aa760ef39d74c998b756e98cf6ddbf6e0a7435dde

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

https://boistans.com/stuff/Panel/bianchi/Panel/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
    lokibot
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 61d58a52c94cbde716aad05ad5418015_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    0239fd611af3d0e9b0c46c5837c80e09


    Headers

    Imports

    Sections