Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

8d1b1e1008...18.exe

windows7-x64

8d1b1e1008...18.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8d1b1e10088a9f0c78b1aa15d81259e5_JaffaCakes118

  • Size

    648KB

  • MD5

    8d1b1e10088a9f0c78b1aa15d81259e5

  • SHA1

    a0055437eb9f93ec6ba62b586ccae1617133d09f

  • SHA256

    d84aa4d9f4c326958cbc3a36f1eedbd85d8aae9206867c2b59d8532ca6e2b004

  • SHA512

    6ea996c043aa46aad5dc7f570dbb61cbcbcd920ae98ccf577117f82bb4f28eb62e2cc3f028459eece5a2be2153e6a1d022b3d10d071ecdfdda4141a4a0946324

  • SSDEEP

    1536:dzvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqV2Izmd9r:GSHIG6mQwGmfOQd8YhY0/EZUG9

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://37.220.0.13/51111/logs/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
    lokibot
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 8d1b1e10088a9f0c78b1aa15d81259e5_JaffaCakes118
    .exe windows:4 windows x86 arch:x86


    Headers

    Sections