General
-
Target
9f4258e5c61e45d8cedece680a26b83be12413727685afdf469bc91727751a8c.exe
-
Size
567KB
-
Sample
210115-w2xlhfxaj2
-
MD5
e14c457400ef8b306e40f1e12f50b5bf
-
SHA1
4de6f90a078773b488471d9b213c8f22c2a05cce
-
SHA256
9f4258e5c61e45d8cedece680a26b83be12413727685afdf469bc91727751a8c
-
SHA512
ab6904be14019d886a99a78ae1e228ac1c7223e2f2ec461a3122b60e78c17c1fe77d3996cf4645c71183fd5409afd2832a3cd9bdd1a9d74de2aa2e2221fead70
Static task
static1
Behavioral task
behavioral1
Sample
9f4258e5c61e45d8cedece680a26b83be12413727685afdf469bc91727751a8c.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
https://lightloog.ddns.net/log/panel/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
9f4258e5c61e45d8cedece680a26b83be12413727685afdf469bc91727751a8c.exe
-
Size
567KB
-
MD5
e14c457400ef8b306e40f1e12f50b5bf
-
SHA1
4de6f90a078773b488471d9b213c8f22c2a05cce
-
SHA256
9f4258e5c61e45d8cedece680a26b83be12413727685afdf469bc91727751a8c
-
SHA512
ab6904be14019d886a99a78ae1e228ac1c7223e2f2ec461a3122b60e78c17c1fe77d3996cf4645c71183fd5409afd2832a3cd9bdd1a9d74de2aa2e2221fead70
-
Suspicious use of SetThreadContext
-