Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

6bcddc15bc...c2.exe

windows7-x64

10

6bcddc15bc...c2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6bcddc15bc817e1eff29027edc4b19ef38c78b53d01fb8ffc024ad4df57b55c2

  • Size

    320KB

  • Sample

    241127-y2zk9aymex

  • MD5

    3050c0cddc68a35f296ba436c4726db4

  • SHA1

    199706ee121c23702f2e7e41827be3e58d1605ea

  • SHA256

    6bcddc15bc817e1eff29027edc4b19ef38c78b53d01fb8ffc024ad4df57b55c2

  • SHA512

    b95c673a0c267e3ba56ffa26c976c7c0c0a1cc61f3c25f7fc5041919957ad5cb3dfe12d2a7cc0a10b2db41f7e0b42677b8e926d7b4d8679aadbd16976bd8e3ca

  • SSDEEP

    6144:XGFzgRPqgRFh96Z9xK/xmf0xzx+2OpxpPzjJ0DtUNzqXld:XqkPqcFh9S9xW/+2KvLj2TXf

Score
10/10
lokibotcollectiondiscoveryspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://frojbdawmiojfg.sytes.net:4410/fujfygidj/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      6bcddc15bc817e1eff29027edc4b19ef38c78b53d01fb8ffc024ad4df57b55c2

    • Size

      320KB

    • MD5

      3050c0cddc68a35f296ba436c4726db4

    • SHA1

      199706ee121c23702f2e7e41827be3e58d1605ea

    • SHA256

      6bcddc15bc817e1eff29027edc4b19ef38c78b53d01fb8ffc024ad4df57b55c2

    • SHA512

      b95c673a0c267e3ba56ffa26c976c7c0c0a1cc61f3c25f7fc5041919957ad5cb3dfe12d2a7cc0a10b2db41f7e0b42677b8e926d7b4d8679aadbd16976bd8e3ca

    • SSDEEP

      6144:XGFzgRPqgRFh96Z9xK/xmf0xzx+2OpxpPzjJ0DtUNzqXld:XqkPqcFh9S9xW/+2KvLj2TXf

    Score
    10/10
    lokibotcollectiondiscoveryspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Lokibot family

      lokibot

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.