General

  • Target

    d11ae3d422300942b0e4e30afa7df152_JaffaCakes118

  • Size

    808KB

  • MD5

    d11ae3d422300942b0e4e30afa7df152

  • SHA1

    be05a9a5f0b27a66b71018fe0f8c4c6a1943fe0a

  • SHA256

    ef6c31ba7a0935e4fd7aba19a07c4b0836350048995727f9213d5527dfa374da

  • SHA512

    50e9d823b5ffc4bfab180196b19b3108a7c918d041a4c717fe2d336b38f87b67eb598f81a24f6b9577eacbbff9dec35d57fe756618d520831a31cea700807321

  • SSDEEP

    1536:3UxK2Iz84/Y1A6XQ4L2EjC5Dw3md4MkVNYU66/EdaVQzQdZ4lC:6Kzdd6XQz5qmdbONYU66/EYVcEe

Score
10/10

Malware Config

Extracted

Family

lokibot

C2

http://slowidyter.us/kertyl/kert67l/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • d11ae3d422300942b0e4e30afa7df152_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

