Overview

overview

10

Static

static

10

fa7736ddc7...5d.exe

windows7-x64

1

fa7736ddc7...5d.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa7736ddc7e2eafe1109078590c85f33f474d7e670a154515e3c44d15091f15d

  • Size

    648KB

  • Sample

    240723-jtlbbswekl

  • MD5

    dd438d7a780d9005febf7a2b65795b13

  • SHA1

    1f66c54a11d1c3ef60401f79d678d346c9ac78ad

  • SHA256

    fa7736ddc7e2eafe1109078590c85f33f474d7e670a154515e3c44d15091f15d

  • SHA512

    0e97b9f82bf0e8cfa3d996543b79b836ea0c5c5fb6fa4f402ca7a4ac63dc63e5b75c21777a12459152f7a1cd2847739654b07233e2c7e2883e2effc05ce9fc74

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://overclockingmachines.info/bally/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      fa7736ddc7e2eafe1109078590c85f33f474d7e670a154515e3c44d15091f15d

    • Size

      648KB

    • MD5

      dd438d7a780d9005febf7a2b65795b13

    • SHA1

      1f66c54a11d1c3ef60401f79d678d346c9ac78ad

    • SHA256

      fa7736ddc7e2eafe1109078590c85f33f474d7e670a154515e3c44d15091f15d

    • SHA512

      0e97b9f82bf0e8cfa3d996543b79b836ea0c5c5fb6fa4f402ca7a4ac63dc63e5b75c21777a12459152f7a1cd2847739654b07233e2c7e2883e2effc05ce9fc74

    • SSDEEP

      1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks