General
-
Target
3622005ae3bfc501cdba1551166885af68fbdf4deb6b780880e8b1e71e8f3cf5.exe
-
Size
552KB
-
Sample
210115-f6wgsgzd8s
-
MD5
ca25099e33acb6008ecc6f448270685c
-
SHA1
fae966d2839ac6cb4d92f8978b7499689904558c
-
SHA256
3622005ae3bfc501cdba1551166885af68fbdf4deb6b780880e8b1e71e8f3cf5
-
SHA512
4b5e9cdb6590c660cd5db3ef56e8c29f981ea50a279c2e938bd42cf4eb43fd2013b042bef0fbfd5a642b01506802cc84f36f40cc87f3edf2fb32070dbcea9d84
Static task
static1
Behavioral task
behavioral1
Sample
3622005ae3bfc501cdba1551166885af68fbdf4deb6b780880e8b1e71e8f3cf5.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://51.195.53.221/p.php/cfOoZYb0LXPms
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
3622005ae3bfc501cdba1551166885af68fbdf4deb6b780880e8b1e71e8f3cf5.exe
-
Size
552KB
-
MD5
ca25099e33acb6008ecc6f448270685c
-
SHA1
fae966d2839ac6cb4d92f8978b7499689904558c
-
SHA256
3622005ae3bfc501cdba1551166885af68fbdf4deb6b780880e8b1e71e8f3cf5
-
SHA512
4b5e9cdb6590c660cd5db3ef56e8c29f981ea50a279c2e938bd42cf4eb43fd2013b042bef0fbfd5a642b01506802cc84f36f40cc87f3edf2fb32070dbcea9d84
-
Suspicious use of SetThreadContext
-