Overview

overview

10

Static

static

3

0f3fcd1903...73.exe

windows7-x64

1

0f3fcd1903...73.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0f3fcd1903a9b4ac99cdc7ed5e32f591ce28312d8fe8981e7b66a61e92b4a573.exe

  • Size

    140KB

  • Sample

    240710-r3aj7atcql

  • MD5

    caec53ed7ab971ac19643d395f40a95e

  • SHA1

    8459f1a2a1f3a1e1695eec0fbcb1a4baabdb86ac

  • SHA256

    0f3fcd1903a9b4ac99cdc7ed5e32f591ce28312d8fe8981e7b66a61e92b4a573

  • SHA512

    1edb8684230a5de9d3e924d8e63f580d219ba39ee3be7a4ff9615c061e35a298e1e7be6983bd152fc68ad8f375da835da9a491023e38ed8fcbec32e7020e583e

  • SSDEEP

    1536:9rhjRpAPFisr9l5qaKXFRcBPq49+Vfj2vrWZaRF61m2oKs7MBGzQT445j/ULtiSR:JRRpAPZrjrKncB5CoX7ex5jVrDqtd4

Score
10/10
lokibotcollectionspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://104.248.205.66/index.php/pages?s=1

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      0f3fcd1903a9b4ac99cdc7ed5e32f591ce28312d8fe8981e7b66a61e92b4a573.exe

    • Size

      140KB

    • MD5

      caec53ed7ab971ac19643d395f40a95e

    • SHA1

      8459f1a2a1f3a1e1695eec0fbcb1a4baabdb86ac

    • SHA256

      0f3fcd1903a9b4ac99cdc7ed5e32f591ce28312d8fe8981e7b66a61e92b4a573

    • SHA512

      1edb8684230a5de9d3e924d8e63f580d219ba39ee3be7a4ff9615c061e35a298e1e7be6983bd152fc68ad8f375da835da9a491023e38ed8fcbec32e7020e583e

    • SSDEEP

      1536:9rhjRpAPFisr9l5qaKXFRcBPq49+Vfj2vrWZaRF61m2oKs7MBGzQT445j/ULtiSR:JRRpAPZrjrKncB5CoX7ex5jVrDqtd4

    Score
    10/10
    lokibotcollectionspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks