General

  • Target

    25022025_0039_Ordendecompra_PO201570_ESUCOSA..exe.iso

  • Size

    314KB

  • Sample

    250225-a862xazlz6

  • MD5

    3b3602199bdb007577d37ad23e4bfb2a

  • SHA1

    92e1998a7cf87a0b173f75682d6565d4a7b3ac47

  • SHA256

    87a844afe80f6bc2c27a6b40a60c76da9605735f4a2896fe2667f5a2d8b1eacb

  • SHA512

    ae9340514cf9a48fd94cf0cd40a4fee59ce49eed956804ce8007f3516ab4e934cd6f5ab0dc9d9c47bd6ab768e7a97a588f596f3418a838cc41f228d5ea7d9661

  • SSDEEP

    3072:UOk3o6IBhL+M6iw6cAEXj/rSpiTFFAB+jne+26HwOPvCicqfjXU52cgj4Z/itKjt:R4obyM6uWnj2QtTbq2cgckKjdEAmg+

Malware Config

Extracted

Family

lokibot

C2

https://ddrtot.shop/New/PWS/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      Orden de compra_(PO201570)_ESUCO SA..exe

    • Size

      254KB

    • MD5

      c5e500815f323a78a22d2f6df2639a4d

    • SHA1

      43357de64552ee99d1e2f533afe419b554e237ac

    • SHA256

      1d723e459d4edcfdba3c63825c9582341d356b22ecfc22b8a446b430e0b27be5

    • SHA512

      02cd436252e5616590648c292766054362e71aa0a4f55d0b29af62e278d19a8572a65b00f8fe0d97dca9069c7c1958bf02993f2383dbfda2ab61268a804875d8

    • SSDEEP

      3072:zOk3o6IBhL+M6iw6cAEXj/rSpiTFFAB+jne+26HwOPvCicqfjXU52cgj4Z/itKjt:K4obyM6uWnj2QtTbq2cgckKjdEAmg+
