Overview

overview

10

Static

static

10

JaffaCakes...67.exe

windows7-x64

10

JaffaCakes...67.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_41b5046ac65e64d2cb96b1a6e229db67

  • Size

    104KB

  • Sample

    250106-3x1d7stncz

  • MD5

    41b5046ac65e64d2cb96b1a6e229db67

  • SHA1

    184f8bd589c01e58fd7c34c6af406f297e287a42

  • SHA256

    367418cc6a5628cfab14677e14878c26911a1d165d4aad33ed41efa4facdea28

  • SHA512

    56703e2facc54c8c2242ec70133e1a6649a150d6874c621667cd0bbcee1bddf2ed41c3a14b07f02476c1fc7333a1dd299f70f7fff631048e83c86fa97bde5b9d

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibotcollectiondiscoveryspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

https://xfsrg.xyz/ddvil/w2/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      JaffaCakes118_41b5046ac65e64d2cb96b1a6e229db67

    • Size

      104KB

    • MD5

      41b5046ac65e64d2cb96b1a6e229db67

    • SHA1

      184f8bd589c01e58fd7c34c6af406f297e287a42

    • SHA256

      367418cc6a5628cfab14677e14878c26911a1d165d4aad33ed41efa4facdea28

    • SHA512

      56703e2facc54c8c2242ec70133e1a6649a150d6874c621667cd0bbcee1bddf2ed41c3a14b07f02476c1fc7333a1dd299f70f7fff631048e83c86fa97bde5b9d

    • SSDEEP

      1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

    Score
    10/10
    lokibotcollectiondiscoveryspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Lokibot family

      lokibot

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks