Overview

overview

10

Static

static

3

ff4cafc13c...18.exe

windows7-x64

10

ff4cafc13c...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ff4cafc13c985a010e3c2532a7a8ef30_JaffaCakes118

  • Size

    347KB

  • Sample

    240929-zgg15stcmf

  • MD5

    ff4cafc13c985a010e3c2532a7a8ef30

  • SHA1

    105bb100c2581938c20bed2dffee317df1e849d7

  • SHA256

    d5fa180d5669d0e9b65aad9cf161399aa115e5873a3543e83ebc824fd2aed80a

  • SHA512

    2ea458cf03a57056c67d8ec0ad22d13e497e83ddc8eef9b4e670cb929aa4774165a24e6ba0f078b6949f83e75af9a116a32de82ffebd419d5213a0c05c1bbd42

  • SSDEEP

    6144:CJZj3XBjlkq27zgxRiqbUfua+UeX2dr2/e:WzZo7cviqQN+UeXIrJ

Score
10/10
lokibotcollectiondiscoveryspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://37.46.150.194/ouc/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      ff4cafc13c985a010e3c2532a7a8ef30_JaffaCakes118

    • Size

      347KB

    • MD5

      ff4cafc13c985a010e3c2532a7a8ef30

    • SHA1

      105bb100c2581938c20bed2dffee317df1e849d7

    • SHA256

      d5fa180d5669d0e9b65aad9cf161399aa115e5873a3543e83ebc824fd2aed80a

    • SHA512

      2ea458cf03a57056c67d8ec0ad22d13e497e83ddc8eef9b4e670cb929aa4774165a24e6ba0f078b6949f83e75af9a116a32de82ffebd419d5213a0c05c1bbd42

    • SSDEEP

      6144:CJZj3XBjlkq27zgxRiqbUfua+UeX2dr2/e:WzZo7cviqQN+UeXIrJ

    Score
    10/10
    lokibotcollectiondiscoveryspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks