Overview

overview

10

Static

static

10

8d1b1e1008...18.exe

windows7-x64

8d1b1e1008...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8d1b1e10088a9f0c78b1aa15d81259e5_JaffaCakes118

  • Size

    648KB

  • Sample

    240602-gqrmtsdb8v

  • MD5

    8d1b1e10088a9f0c78b1aa15d81259e5

  • SHA1

    a0055437eb9f93ec6ba62b586ccae1617133d09f

  • SHA256

    d84aa4d9f4c326958cbc3a36f1eedbd85d8aae9206867c2b59d8532ca6e2b004

  • SHA512

    6ea996c043aa46aad5dc7f570dbb61cbcbcd920ae98ccf577117f82bb4f28eb62e2cc3f028459eece5a2be2153e6a1d022b3d10d071ecdfdda4141a4a0946324

  • SSDEEP

    1536:dzvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqV2Izmd9r:GSHIG6mQwGmfOQd8YhY0/EZUG9

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://37.220.0.13/51111/logs/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      8d1b1e10088a9f0c78b1aa15d81259e5_JaffaCakes118

    • Size

      648KB

    • MD5

      8d1b1e10088a9f0c78b1aa15d81259e5

    • SHA1

      a0055437eb9f93ec6ba62b586ccae1617133d09f

    • SHA256

      d84aa4d9f4c326958cbc3a36f1eedbd85d8aae9206867c2b59d8532ca6e2b004

    • SHA512

      6ea996c043aa46aad5dc7f570dbb61cbcbcd920ae98ccf577117f82bb4f28eb62e2cc3f028459eece5a2be2153e6a1d022b3d10d071ecdfdda4141a4a0946324

    • SSDEEP

      1536:dzvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqV2Izmd9r:GSHIG6mQwGmfOQd8YhY0/EZUG9

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks