lokibot | f8f10a3b046d25530c2091eaa07b56ba2e530da4c83f00a8dfede8d407260d69

General

Target

JaffaCakes118_f8f10a3b046d25530c2091eaa07b56ba2e530da4c83f00a8dfede8d407260d69
Size

648KB
Sample

241224-2n6deszjdw
MD5

cb4a8ea9a06da5bf8016aeb1606866d7
SHA1

b311ea8fcf4ad936ec53e544ec8ca338eadb5a4e
SHA256

f8f10a3b046d25530c2091eaa07b56ba2e530da4c83f00a8dfede8d407260d69
SHA512

0eba2e62c22eda64687018b3853725ca63f557a48b72e46653be594887d9f1fdf1c236ff426b8592583e6cfee206c77af41340be9bf16937f56eae2190f69cfe
SSDEEP

1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score

10^/10

lokibot discovery

Malware Config

Extracted

Family

lokibot

C2

http://hyatqfuh9olahvxf.ga/Legend/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  JaffaCakes118_f8f10a3b046d25530c2091eaa07b56ba2e530da4c83f00a8dfede8d407260d69
- Size
  
  648KB
- MD5
  
  cb4a8ea9a06da5bf8016aeb1606866d7
- SHA1
  
  b311ea8fcf4ad936ec53e544ec8ca338eadb5a4e
- SHA256
  
  f8f10a3b046d25530c2091eaa07b56ba2e530da4c83f00a8dfede8d407260d69
- SHA512
  
  0eba2e62c22eda64687018b3853725ca63f557a48b72e46653be594887d9f1fdf1c236ff426b8592583e6cfee206c77af41340be9bf16937f56eae2190f69cfe
- SSDEEP
  
  1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2