lokibot | 59d55b7c61f1dd00ddd4aee3ac711e645466c6aeaebee12f8b40182dc02e3ed9

General

Target

JaffaCakes118_59d55b7c61f1dd00ddd4aee3ac711e645466c6aeaebee12f8b40182dc02e3ed9
Size

648KB
Sample

241229-29xneazncn
MD5

39a5980dd60b56a3c0cbda160f7252b0
SHA1

d1d9ae93a5ed48b399b04233d8b989374b0acadc
SHA256

59d55b7c61f1dd00ddd4aee3ac711e645466c6aeaebee12f8b40182dc02e3ed9
SHA512

6b243e21e502652b338316681e4aee27ae5dd0c5252aca4e55c99db983d2442be86b38f95bcae466e162062247271a8aec7f8025c54b9d323739fb47bfad01ae
SSDEEP

1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqcIzmd:nSHIG6mQwGmfOQd8YhY0/EZUG

Score

10^/10

lokibot discovery

Malware Config

Extracted

Family

lokibot

C2

http://vmopahtqdf84hfvsqepalcbcch63gdyvah.ml/BN2/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  JaffaCakes118_59d55b7c61f1dd00ddd4aee3ac711e645466c6aeaebee12f8b40182dc02e3ed9
- Size
  
  648KB
- MD5
  
  39a5980dd60b56a3c0cbda160f7252b0
- SHA1
  
  d1d9ae93a5ed48b399b04233d8b989374b0acadc
- SHA256
  
  59d55b7c61f1dd00ddd4aee3ac711e645466c6aeaebee12f8b40182dc02e3ed9
- SHA512
  
  6b243e21e502652b338316681e4aee27ae5dd0c5252aca4e55c99db983d2442be86b38f95bcae466e162062247271a8aec7f8025c54b9d323739fb47bfad01ae
- SSDEEP
  
  1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqcIzmd:nSHIG6mQwGmfOQd8YhY0/EZUG
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2