General
Target: sample-326818-ce22301d051462466b6541f1e9263681.zip
Size: 493KB
Sample: 201205-wwtg8c6a9j
MD5: 17d3ada48c97b33fa69698d1009255c0
SHA1: 53c2afb5b915362401be89339656420c56941374
SHA256: 9ac54737e9bab406e1917f570309df5b9e58ccd3d577182eb144c4ff31bf1c14
SHA512: dd732c8de26e02f221f6f606166cad1d4874b6db62e247d69665b530d5cfbd87f2f6bdeb775bc3440c9511f697806c5a1662040a96c05b1f2e760bb91a3531e5
Static task: static1
Behavioral task: behavioral1
Sample: test.exe
Resource: win7v20201028
Malware Config
Extracted
lokibot
http://45.134.225.18/plesk-site-preview/endustrigm.eu/http/45.134.225.18/garuba/Panel/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: test.exe
Size: 834KB
MD5: ce22301d051462466b6541f1e9263681
SHA1: 9af1d6f86678676ba18473df401e5cb97dc6d848
SHA256: 81560d06eda75455260687223087f29f54c1a95d2b4e51ed4f3801e3d948cdba
SHA512: 2dd55213e108494f05e86dc3fae5bd28f9a9d9d90471c829400c065f3264c230e2624b604f9082ab697b2691815de9c68dd2d1b69ec2647f510fa930187a9fb0
Suspicious use of SetThreadContext