General
-
Target
1f91babf5ab2da96838a3aa4fa9368bf_JaffaCakes118
-
Size
357KB
-
Sample
240702-rdpykszdpj
-
MD5
1f91babf5ab2da96838a3aa4fa9368bf
-
SHA1
a5e277d2cdf4989d0294beefa5331730d5b324ac
-
SHA256
6ec8b2ec36427c38f1510965a2d986e4f1239ee08141f5d5f30f90bef3a6c7e2
-
SHA512
56d68af6522dd129224585117316c403f33ed25ecad7337df65391876fda1c2d168145a44ec63b291481336fcc5750bb947db38b4b3b1e5c6af97f19d1247416
-
SSDEEP
6144:tCjeTD0fIqQJTOp+Y9cjdu2PJV+tMD+/xWgOLykWH2UmTjPJ/LovNOoK2C5+DEZt:5TGIqP+Y9wTP7+9ZWWkWHVGavA0C59Zt
Behavioral task
behavioral1
Sample
1f91babf5ab2da96838a3aa4fa9368bf_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1f91babf5ab2da96838a3aa4fa9368bf_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
lokibot
http://95.174.65.247/baca/opio/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
1f91babf5ab2da96838a3aa4fa9368bf_JaffaCakes118
-
Size
357KB
-
MD5
1f91babf5ab2da96838a3aa4fa9368bf
-
SHA1
a5e277d2cdf4989d0294beefa5331730d5b324ac
-
SHA256
6ec8b2ec36427c38f1510965a2d986e4f1239ee08141f5d5f30f90bef3a6c7e2
-
SHA512
56d68af6522dd129224585117316c403f33ed25ecad7337df65391876fda1c2d168145a44ec63b291481336fcc5750bb947db38b4b3b1e5c6af97f19d1247416
-
SSDEEP
6144:tCjeTD0fIqQJTOp+Y9cjdu2PJV+tMD+/xWgOLykWH2UmTjPJ/LovNOoK2C5+DEZt:5TGIqP+Y9wTP7+9ZWWkWHVGavA0C59Zt
-
Accesses Microsoft Outlook profiles
-
Adds Run key to start application
-