General

  • Target

    JaffaCakes118_959a18f78a9526601437883f0c4203cfb2a248ccbc1a2e3d8cfddc11cbb06043

  • Size

    648KB

  • MD5

    943c146aac9b5acb09e1c6edfef69bb9

  • SHA1

    8d3c175c703f76a2c817e261504069e55e8e5565

  • SHA256

    959a18f78a9526601437883f0c4203cfb2a248ccbc1a2e3d8cfddc11cbb06043

  • SHA512

    90ffa6ffbeb2703bb5f8d8580bbb69de2d4f0c1a2787ce67269079f08758f12062d87b596a5537f12c0a2fbd3b1cfbda9b146d983539e1e1db61d0ed5252247f

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10

Malware Config

Extracted

Family

lokibot

C2

http://85.202.169.172/kelly/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • JaffaCakes118_959a18f78a9526601437883f0c4203cfb2a248ccbc1a2e3d8cfddc11cbb06043
    .exe windows:5 windows x86 arch:x86

