Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

JaffaCakes...d9.exe

windows7-x64

1

JaffaCakes...d9.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_59d55b7c61f1dd00ddd4aee3ac711e645466c6aeaebee12f8b40182dc02e3ed9

  • Size

    648KB

  • Sample

    241229-29xneazncn

  • MD5

    39a5980dd60b56a3c0cbda160f7252b0

  • SHA1

    d1d9ae93a5ed48b399b04233d8b989374b0acadc

  • SHA256

    59d55b7c61f1dd00ddd4aee3ac711e645466c6aeaebee12f8b40182dc02e3ed9

  • SHA512

    6b243e21e502652b338316681e4aee27ae5dd0c5252aca4e55c99db983d2442be86b38f95bcae466e162062247271a8aec7f8025c54b9d323739fb47bfad01ae

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqcIzmd:nSHIG6mQwGmfOQd8YhY0/EZUG

Score
10/10
lokibotdiscovery

Malware Config

Extracted

Family

lokibot

C2

http://vmopahtqdf84hfvsqepalcbcch63gdyvah.ml/BN2/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      JaffaCakes118_59d55b7c61f1dd00ddd4aee3ac711e645466c6aeaebee12f8b40182dc02e3ed9

    • Size

      648KB

    • MD5

      39a5980dd60b56a3c0cbda160f7252b0

    • SHA1

      d1d9ae93a5ed48b399b04233d8b989374b0acadc

    • SHA256

      59d55b7c61f1dd00ddd4aee3ac711e645466c6aeaebee12f8b40182dc02e3ed9

    • SHA512

      6b243e21e502652b338316681e4aee27ae5dd0c5252aca4e55c99db983d2442be86b38f95bcae466e162062247271a8aec7f8025c54b9d323739fb47bfad01ae

    • SSDEEP

      1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqcIzmd:nSHIG6mQwGmfOQd8YhY0/EZUG

    Score
    3/10
    discovery
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.