General
-
Target
4401d62f459d17975cb9cf5b379cea96.exe
-
Size
654KB
-
Sample
210115-s3hkmdtptx
-
MD5
4401d62f459d17975cb9cf5b379cea96
-
SHA1
d02cf59cdd52a6d922c0f2a6dae333a97c6687a9
-
SHA256
0b2ae98dbbc89e15b3d0864559fede5bf9a7c96e80476499c24bf396a5fd27f3
-
SHA512
beac402156ea23077bcc8e105fd3706b3e6e561e0d3a39e567c111446fcee3657e7ae6ed339c4bcf238f0d4bb401e8a8afbd00377762efea8c1ab63bd634a14f
Static task
static1
Behavioral task
behavioral1
Sample
4401d62f459d17975cb9cf5b379cea96.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://lmpulsefashion.net/chief/kev/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
4401d62f459d17975cb9cf5b379cea96.exe
-
Size
654KB
-
MD5
4401d62f459d17975cb9cf5b379cea96
-
SHA1
d02cf59cdd52a6d922c0f2a6dae333a97c6687a9
-
SHA256
0b2ae98dbbc89e15b3d0864559fede5bf9a7c96e80476499c24bf396a5fd27f3
-
SHA512
beac402156ea23077bcc8e105fd3706b3e6e561e0d3a39e567c111446fcee3657e7ae6ed339c4bcf238f0d4bb401e8a8afbd00377762efea8c1ab63bd634a14f
-
Suspicious use of SetThreadContext
-