Overview

overview

10

Static

static

3

Поръч...er.exe

windows7-x64

10

Поръч...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    595168260deb2fce4369c1ce5cb60afa74fdeabd01e9dae97609d0498bfc5c5e

  • Size

    142KB

  • Sample

    241022-z3v5wswgmk

  • MD5

    4fc9ae9335a12d26dce8dcf0e3c2ecb6

  • SHA1

    a2ee5dc0b9d589ff5bed665a87a7fc94799b7d53

  • SHA256

    595168260deb2fce4369c1ce5cb60afa74fdeabd01e9dae97609d0498bfc5c5e

  • SHA512

    9e1e687d8fb2fa38454175344e08a34369b2cfdb900e90a07e1b97f70dabb3c416022ec583b216c704eda598c3f5129f0dbc701be07b9a217a3a34928135ab40

  • SSDEEP

    3072:Ixy7uV9YmUpNBw3bs1QRgXBIniLFQmmC9tdJ2cl:IxlImPLVRgXnLFQiEM

Score
10/10
lokibotcollectiondiscoveryspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

https://dddotx.shop/Mine/PWS/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      Поръчка за покупка_(PO580040)_Uspeh Filter.exe

    • Size

      193KB

    • MD5

      2750811b6c17c3c3ae345316f84aa921

    • SHA1

      13a3343fcf472ac067ccb6e4c32cd47f1761e826

    • SHA256

      83f31c20b1e1819627874ca9eeb2a8b703e28656a581289821415963dcf596b8

    • SHA512

      ced97f75886800fe17642555a0f6891c118d3e96e2d2998b16b5dd9074a32db34a706b1fe34eaedec9755e0a9bc4c2adba7045894961dce3778f53c5531dad9e

    • SSDEEP

      3072:4IzkRZo5uKwZ56Es5r0GgE1QR6XBGnglHQmaCvtdWfT:z61SLg9R6XplHQA

    Score
    10/10
    lokibotcollectiondiscoveryspywarestealertrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks