General

  • Target

    JaffaCakes118_08a7beb1bcabdf30c7d43842a0531ebb15a0e8772d317865b42ecdd5b7458f65

  • Size

    652KB

  • MD5

    1aaaf15de2d3a4db751796dd0b73e9b7

  • SHA1

    5669bd6f4fcbd19aab8ebc40cdcb8ab1db0b9e52

  • SHA256

    08a7beb1bcabdf30c7d43842a0531ebb15a0e8772d317865b42ecdd5b7458f65

  • SHA512

    b73ed4adfa34e858da64ea86d769434620845f8b42a1a1433df20a2bf7c84f72d2ea0fd7b7c4f25aeb75aa22e7e9a9ffd4702a66fb1981c7aff165f8f6118b5c

  • SSDEEP

    1536:kzvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmdA:/SHIG6mQwGmfOQd8YhY0/EqUGA

Score
10/10

Malware Config

Extracted

Family

lokibot

C2

http://sempersim.su/gg12/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_08a7beb1bcabdf30c7d43842a0531ebb15a0e8772d317865b42ecdd5b7458f65
    .exe windows:5 windows x86 arch:x86
