Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

14f826d46b...18.exe

windows7-x64

10

14f826d46b...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    14f826d46b68f5ae27c5412f91ebe30f_JaffaCakes118

  • Size

    430KB

  • Sample

    241004-z9mr4a1gnh

  • MD5

    14f826d46b68f5ae27c5412f91ebe30f

  • SHA1

    b353f6ef48f9a31e16e574354ececf93b420f620

  • SHA256

    cfc279a1aff94416dc823c74fc2562d64317aa48024bd3dfdf93162aada24be5

  • SHA512

    834b6e764bda8323ac2997260418792b4464ff3f48b94a8bc5dcacaf77a35434f54b0137c826f69c84fc8d8e8b084635b8ad23ed2aeb877cea89c48131250e42

  • SSDEEP

    6144:TajEkaIL+67Wv87cU2i7oBPK0IzqgPioaF/YHdWHpjWw3E3UAmLuRg8Y:+jtucP2i7EPKlqUS/wWlWwx87

Score
10/10
lokibotcollectiondiscoveryspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://185.227.139.18/dsaicosaicasdi.php/z6CmYOrDctvwZ

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      14f826d46b68f5ae27c5412f91ebe30f_JaffaCakes118

    • Size

      430KB

    • MD5

      14f826d46b68f5ae27c5412f91ebe30f

    • SHA1

      b353f6ef48f9a31e16e574354ececf93b420f620

    • SHA256

      cfc279a1aff94416dc823c74fc2562d64317aa48024bd3dfdf93162aada24be5

    • SHA512

      834b6e764bda8323ac2997260418792b4464ff3f48b94a8bc5dcacaf77a35434f54b0137c826f69c84fc8d8e8b084635b8ad23ed2aeb877cea89c48131250e42

    • SSDEEP

      6144:TajEkaIL+67Wv87cU2i7oBPK0IzqgPioaF/YHdWHpjWw3E3UAmLuRg8Y:+jtucP2i7EPKlqUS/wWlWwx87

    Score
    10/10
    lokibotcollectiondiscoveryspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.