General
Target: cde0068a94bf72aac7d9249e6c551662.exe
Size: 969KB
Sample: 210113-cfg5mv92ha
MD5: cde0068a94bf72aac7d9249e6c551662
SHA1: 51343688f77fe3d2a24a88f0539634cb66dadd18
SHA256: 1b514f5e6484c97155dda3e6ee1073f41f19318af2d00d0bec33c6dc7844c3f6
SHA512: f2e48ff085f9824aceb8938ec42750b480704923ede42f035624c3221c5e4a8cac4213fa1af03574c21526950490ade141f4fd8a70a65b9be6012083c6ec6b40
Static task: static1
Behavioral task: behavioral1
Sample: cde0068a94bf72aac7d9249e6c551662.exe
Resource: win7v20201028
Malware Config
Extracted
lokibot
http://azme-contractors.com/chief/boss/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: cde0068a94bf72aac7d9249e6c551662.exe
Suspicious use of SetThreadContext