General
Target: d166782041b83a802f468568d107b40bd8282c4a3776f560d722e2e90d1c12d6.exe
Size: 734KB
Sample: 210115-bxy15y7nx6
MD5: bec0173b84f767b9d1ae188dc34aa76f
SHA1: 3f1a2c7cef32409db461a2a4e74a396f7ff09357
SHA256: d166782041b83a802f468568d107b40bd8282c4a3776f560d722e2e90d1c12d6
SHA512: d53dea258da6a80af1bee8aaab18b40677360b104d2358e6542f18e8125430b395f4c066f09b86260ce1562a8fff5142d8511c2ed5ed5bb8e5d47a014998dd56
Static task: static1
Behavioral task: behavioral1
Sample: d166782041b83a802f468568d107b40bd8282c4a3776f560d722e2e90d1c12d6.exe
Resource: win7v20201028
Malware Config
Extracted
lokibot
http://becharnise.ir/fox/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Suspicious use of SetThreadContext