General
-
Target
5128bb068a8ab072f70e24e50edbb76198f9ed7859534505cf62c067bb1221de.exe
-
Size
533KB
-
Sample
210115-15v8ej4m6e
-
MD5
c3aa9cf0cc1155132139e619fded88e4
-
SHA1
7a68d37d0b9c8bb49c40945e7cd7f8480d6ac635
-
SHA256
5128bb068a8ab072f70e24e50edbb76198f9ed7859534505cf62c067bb1221de
-
SHA512
55e4a87be9e1b729da8327abf817e357286cbf67134359c277028cf82869ce44fc30fa1308c3e9e5d1a8a676eea6df117af2b8b4a42ec2e056c1e5aacb401b5a
Static task
static1
Behavioral task
behavioral1
Sample
5128bb068a8ab072f70e24e50edbb76198f9ed7859534505cf62c067bb1221de.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://51.195.53.221/p.php/cfOoZYb0LXPms
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
5128bb068a8ab072f70e24e50edbb76198f9ed7859534505cf62c067bb1221de.exe
-
Size
533KB
-
MD5
c3aa9cf0cc1155132139e619fded88e4
-
SHA1
7a68d37d0b9c8bb49c40945e7cd7f8480d6ac635
-
SHA256
5128bb068a8ab072f70e24e50edbb76198f9ed7859534505cf62c067bb1221de
-
SHA512
55e4a87be9e1b729da8327abf817e357286cbf67134359c277028cf82869ce44fc30fa1308c3e9e5d1a8a676eea6df117af2b8b4a42ec2e056c1e5aacb401b5a
-
Suspicious use of SetThreadContext
-