General
-
Target
e01d70a2ddf0c706a1f5e4847f8c099ffdc821b188f98dc15f528c8bf34a6630.exe
-
Size
1.0MB
-
Sample
210112-fcwcvhnyma
-
MD5
55253b41c810499591ff6c5cc1db5d4d
-
SHA1
0449c46e4db9b8beeadbeb6774965360b4c2f452
-
SHA256
e01d70a2ddf0c706a1f5e4847f8c099ffdc821b188f98dc15f528c8bf34a6630
-
SHA512
4427eb158aa5a555c2093b07eb927f32e230db8e547ceabd345b8ded778222c3125d176d85e8c73f87dcb68fcae498206e9d3e53366f27607732ea6a5cd407c5
Static task
static1
Behavioral task
behavioral1
Sample
e01d70a2ddf0c706a1f5e4847f8c099ffdc821b188f98dc15f528c8bf34a6630.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://worldpackmx.com/fretyuil/Panel/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
e01d70a2ddf0c706a1f5e4847f8c099ffdc821b188f98dc15f528c8bf34a6630.exe
-
Size
1.0MB
-
MD5
55253b41c810499591ff6c5cc1db5d4d
-
SHA1
0449c46e4db9b8beeadbeb6774965360b4c2f452
-
SHA256
e01d70a2ddf0c706a1f5e4847f8c099ffdc821b188f98dc15f528c8bf34a6630
-
SHA512
4427eb158aa5a555c2093b07eb927f32e230db8e547ceabd345b8ded778222c3125d176d85e8c73f87dcb68fcae498206e9d3e53366f27607732ea6a5cd407c5
-
Suspicious use of SetThreadContext
-