General
-
Target
b0cf41eaffcc2c22c866c4cb721d763021898f74f1bdf35d4ae2711f6edf327b.exe
-
Size
388KB
-
Sample
201126-qevfjaa41s
-
MD5
2c00c7674d6c3701c78cf2a4dfb0ce3f
-
SHA1
853583a9010be8f4403b51ed39c51eecfd5ee2f0
-
SHA256
b0cf41eaffcc2c22c866c4cb721d763021898f74f1bdf35d4ae2711f6edf327b
-
SHA512
a45e94221010a9763bcf1e1a1e562597d4f9399e57b65c817b98fd4c3428e9283055f78840e3d81e807135a2ef1fbc8e4ffd0b88fa12985968553a3e82122686
Static task
static1
Behavioral task
behavioral1
Sample
b0cf41eaffcc2c22c866c4cb721d763021898f74f1bdf35d4ae2711f6edf327b.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://qreenmaple.com/baba/baba1/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
b0cf41eaffcc2c22c866c4cb721d763021898f74f1bdf35d4ae2711f6edf327b.exe
-
Size
388KB
-
MD5
2c00c7674d6c3701c78cf2a4dfb0ce3f
-
SHA1
853583a9010be8f4403b51ed39c51eecfd5ee2f0
-
SHA256
b0cf41eaffcc2c22c866c4cb721d763021898f74f1bdf35d4ae2711f6edf327b
-
SHA512
a45e94221010a9763bcf1e1a1e562597d4f9399e57b65c817b98fd4c3428e9283055f78840e3d81e807135a2ef1fbc8e4ffd0b88fa12985968553a3e82122686
-
Suspicious use of SetThreadContext
-