Overview

overview

10

Static

static

3

5ff2447ce9...ed.exe

windows7-x64

1

5ff2447ce9...ed.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5ff2447ce941617ea8dadb36c0c9337327fe5d8275dc6bedddc6f82d48c40aed.exe

  • Size

    146KB

  • Sample

    240716-tbfm8szdkk

  • MD5

    ae7eef690ade68c8dae761255d6acd57

  • SHA1

    992023ea4a92944411a7535d57b3fe7b63de19df

  • SHA256

    5ff2447ce941617ea8dadb36c0c9337327fe5d8275dc6bedddc6f82d48c40aed

  • SHA512

    5b2ff4d3d2084dbf2e3772a59a94c50e3062e379546cd09b53ea215bcbe406c477a3388788f7fa75497fa34bcc68e8bae77bb4741a83fba200fead702d4db2cd

  • SSDEEP

    3072:qaJMdf2tSt72hETdLEuC27WxlZFSN1E7UP5dbwX/XzvhPQ:qaJMdf2tS9zTdYuC27YZzYTUX/X1

Score
10/10
lokibotcollectionspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://104.248.205.66/index.php/file.php?an=74870072817

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      5ff2447ce941617ea8dadb36c0c9337327fe5d8275dc6bedddc6f82d48c40aed.exe

    • Size

      146KB

    • MD5

      ae7eef690ade68c8dae761255d6acd57

    • SHA1

      992023ea4a92944411a7535d57b3fe7b63de19df

    • SHA256

      5ff2447ce941617ea8dadb36c0c9337327fe5d8275dc6bedddc6f82d48c40aed

    • SHA512

      5b2ff4d3d2084dbf2e3772a59a94c50e3062e379546cd09b53ea215bcbe406c477a3388788f7fa75497fa34bcc68e8bae77bb4741a83fba200fead702d4db2cd

    • SSDEEP

      3072:qaJMdf2tSt72hETdLEuC27WxlZFSN1E7UP5dbwX/XzvhPQ:qaJMdf2tS9zTdYuC27YZzYTUX/X1

    Score
    10/10
    lokibotcollectionspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks