Overview

overview

10

Static

static

10

JaffaCakes...9f.exe

windows7-x64

JaffaCakes...9f.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_a6f9f3e7869954b43c54107fd6648093c5e50c494352c9ca5941238e0551169f

  • Size

    652KB

  • Sample

    241226-2kz28stmer

  • MD5

    0accdb33c656834a3c1bbe69c80d5b8e

  • SHA1

    acf0f09a87d36c7019be99b3baeadd54b8373e86

  • SHA256

    a6f9f3e7869954b43c54107fd6648093c5e50c494352c9ca5941238e0551169f

  • SHA512

    c417ad5c1303c25cda056db24aa80a0acbbcb0b4c8ff01631004a18762cc3831a34edcafd8ecb68ffa7278030b4a03383a1edfdfcedec6d5c60c4535c1444684

  • SSDEEP

    1536:kzvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmdT:/SHIG6mQwGmfOQd8YhY0/EqUGT

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://198.187.30.47/p.php?id=7347525472263042

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      JaffaCakes118_a6f9f3e7869954b43c54107fd6648093c5e50c494352c9ca5941238e0551169f

    • Size

      652KB

    • MD5

      0accdb33c656834a3c1bbe69c80d5b8e

    • SHA1

      acf0f09a87d36c7019be99b3baeadd54b8373e86

    • SHA256

      a6f9f3e7869954b43c54107fd6648093c5e50c494352c9ca5941238e0551169f

    • SHA512

      c417ad5c1303c25cda056db24aa80a0acbbcb0b4c8ff01631004a18762cc3831a34edcafd8ecb68ffa7278030b4a03383a1edfdfcedec6d5c60c4535c1444684

    • SSDEEP

      1536:kzvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmdT:/SHIG6mQwGmfOQd8YhY0/EqUGT

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks