General
-
Target
f6c704a0363a8b530d9beb4e07cea5de.exe
-
Size
632KB
-
Sample
201204-1a7aam5c9a
-
MD5
f6c704a0363a8b530d9beb4e07cea5de
-
SHA1
2c3096f67064ffa63e785dd34b4b0ecdce975e77
-
SHA256
56790883c5da2b30d0f089454ab67a354d98de2a7796e34d0438e0b515a3ec3d
-
SHA512
619c49e75074d696759a4cb4ce1f95eb9f1295c8870b73864dea9452fb6e88adeebdda5c32b79eb909bd336cf319baeb8f01f5323c761651eacff803f6382b7a
Static task
static1
Behavioral task
behavioral1
Sample
f6c704a0363a8b530d9beb4e07cea5de.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://webtex.ga/rojas/gate.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
f6c704a0363a8b530d9beb4e07cea5de.exe
-
Size
632KB
-
MD5
f6c704a0363a8b530d9beb4e07cea5de
-
SHA1
2c3096f67064ffa63e785dd34b4b0ecdce975e77
-
SHA256
56790883c5da2b30d0f089454ab67a354d98de2a7796e34d0438e0b515a3ec3d
-
SHA512
619c49e75074d696759a4cb4ce1f95eb9f1295c8870b73864dea9452fb6e88adeebdda5c32b79eb909bd336cf319baeb8f01f5323c761651eacff803f6382b7a
-
Suspicious use of SetThreadContext
-