Overview

overview

10

Static

static

3

2c9ec7ba47...18.exe

windows7-x64

10

2c9ec7ba47...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2c9ec7ba47209179d77505cdcd944c32_JaffaCakes118

  • Size

    796KB

  • Sample

    241009-hf2wgstdkc

  • MD5

    2c9ec7ba47209179d77505cdcd944c32

  • SHA1

    cd146ecc7bf3561b357950cfb79b7660b831f5a1

  • SHA256

    17ac629812bbf20f53c2e8b5df77009029f326d6772fdf7e8607349c0f4f448d

  • SHA512

    8faddd1dae4456b00fa50f62207f49163ceea842b46f63f978e269c6de89de0e048ad0d017579805ccf87ff39a04767cc1afa3fbc2d31950a6022e82e0ffeb10

  • SSDEEP

    24576:6FKLPp9AR95yM4RgV1b+Uj/1vfgtDJobgnXip:lPpKRytRM1pbgX

Score
10/10
lokibotcollectiondiscoveryspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://185.227.139.5/sxisodifntose.php/gb0kpVY5AUPrv

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      2c9ec7ba47209179d77505cdcd944c32_JaffaCakes118

    • Size

      796KB

    • MD5

      2c9ec7ba47209179d77505cdcd944c32

    • SHA1

      cd146ecc7bf3561b357950cfb79b7660b831f5a1

    • SHA256

      17ac629812bbf20f53c2e8b5df77009029f326d6772fdf7e8607349c0f4f448d

    • SHA512

      8faddd1dae4456b00fa50f62207f49163ceea842b46f63f978e269c6de89de0e048ad0d017579805ccf87ff39a04767cc1afa3fbc2d31950a6022e82e0ffeb10

    • SSDEEP

      24576:6FKLPp9AR95yM4RgV1b+Uj/1vfgtDJobgnXip:lPpKRytRM1pbgX

    Score
    10/10
    lokibotcollectiondiscoveryspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks