Overview

overview

10

Static

static

5

e6c0a777d6...18.exe

windows7-x64

10

e6c0a777d6...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e6c0a777d6b104a1013b198ab0258cea_JaffaCakes118

  • Size

    1.0MB

  • Sample

    240917-nxzqca1dmc

  • MD5

    e6c0a777d6b104a1013b198ab0258cea

  • SHA1

    9129f6f552c7bf36f46ec80cae20d4ab42692490

  • SHA256

    376fde09eeede053bf52443b15a1afddc11f59199e97ff81e1eadd7f59a470d9

  • SHA512

    b68e8ad889bdc7c6388e369e63fba2957ee50f23b4898a1615d406fcf1942c188362418db80ff07ca8c7c335c967f0730ae03aedeae084b7bf6aaf77665ee814

  • SSDEEP

    24576:Fu6Jx3O0c+JY5UZ+XC0kGso/WaOyw4pewQ/sWY:HI0c++OCvkGsUWaOz3Y

Score
10/10
lokibotcollectioncredential_accessdiscoveryspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://nvent.icu/Electrical/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      e6c0a777d6b104a1013b198ab0258cea_JaffaCakes118

    • Size

      1.0MB

    • MD5

      e6c0a777d6b104a1013b198ab0258cea

    • SHA1

      9129f6f552c7bf36f46ec80cae20d4ab42692490

    • SHA256

      376fde09eeede053bf52443b15a1afddc11f59199e97ff81e1eadd7f59a470d9

    • SHA512

      b68e8ad889bdc7c6388e369e63fba2957ee50f23b4898a1615d406fcf1942c188362418db80ff07ca8c7c335c967f0730ae03aedeae084b7bf6aaf77665ee814

    • SSDEEP

      24576:Fu6Jx3O0c+JY5UZ+XC0kGso/WaOyw4pewQ/sWY:HI0c++OCvkGsUWaOz3Y

    Score
    10/10
    lokibotcollectioncredential_accessdiscoveryspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Credentials from Password Stores: Credentials from Web Browsers

      Malicious Access or copy of Web Browser Credential store.

      credential_accessstealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks