Overview

overview

10

Static

static

10

JaffaCakes...b6.exe

windows7-x64

1

JaffaCakes...b6.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_d38338dea990196b25eeeb9f82637239b7afe3c3e9abe01ae4e0af4fdd3a1db6

  • Size

    648KB

  • MD5

    b688caacfb1b1c42c4f708a8246f6d0d

  • SHA1

    d6a2850d7c2b7dc133b140b4f661d4f07ebc15c6

  • SHA256

    d38338dea990196b25eeeb9f82637239b7afe3c3e9abe01ae4e0af4fdd3a1db6

  • SHA512

    1eaed830daae6faa797c6cee53eac27c1f7cbc8c18638a0f434a1683087188531b5c75546916f61919f37493350029ac6e1d03b61795a0ca49d36efd3d0825e1

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://sempersim.su/gg12/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
    lokibot
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_d38338dea990196b25eeeb9f82637239b7afe3c3e9abe01ae4e0af4fdd3a1db6
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections