Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

ff4cafc13c...18.exe

windows7-x64

10

ff4cafc13c...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ff4cafc13c985a010e3c2532a7a8ef30_JaffaCakes118

  • Size

    347KB

  • Sample

    240929-zgg15stcmf

  • MD5

    ff4cafc13c985a010e3c2532a7a8ef30

  • SHA1

    105bb100c2581938c20bed2dffee317df1e849d7

  • SHA256

    d5fa180d5669d0e9b65aad9cf161399aa115e5873a3543e83ebc824fd2aed80a

  • SHA512

    2ea458cf03a57056c67d8ec0ad22d13e497e83ddc8eef9b4e670cb929aa4774165a24e6ba0f078b6949f83e75af9a116a32de82ffebd419d5213a0c05c1bbd42

  • SSDEEP

    6144:CJZj3XBjlkq27zgxRiqbUfua+UeX2dr2/e:WzZo7cviqQN+UeXIrJ

Score
10/10
lokibotcollectiondiscoveryspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://37.46.150.194/ouc/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      ff4cafc13c985a010e3c2532a7a8ef30_JaffaCakes118

    • Size

      347KB

    • MD5

      ff4cafc13c985a010e3c2532a7a8ef30

    • SHA1

      105bb100c2581938c20bed2dffee317df1e849d7

    • SHA256

      d5fa180d5669d0e9b65aad9cf161399aa115e5873a3543e83ebc824fd2aed80a

    • SHA512

      2ea458cf03a57056c67d8ec0ad22d13e497e83ddc8eef9b4e670cb929aa4774165a24e6ba0f078b6949f83e75af9a116a32de82ffebd419d5213a0c05c1bbd42

    • SSDEEP

      6144:CJZj3XBjlkq27zgxRiqbUfua+UeX2dr2/e:WzZo7cviqQN+UeXIrJ

    Score
    10/10
    lokibotcollectiondiscoveryspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.