General
-
Target
51146cdc626be707700c7459883faef7864612af14354aefed988fed9afa136f.exe
-
Size
764KB
-
Sample
210115-y9bpnqrexx
-
MD5
77c712dbe9016d578289922f9e9ee6d9
-
SHA1
c8271994e18f50fbdbdae8e1ce9b25cfceaf3ace
-
SHA256
51146cdc626be707700c7459883faef7864612af14354aefed988fed9afa136f
-
SHA512
b3c34543fbbcf14b80489ec184f7ec79b37c9074eb6ead75ee40f5ab000d874784f111d06cf4953cfe7b3c15eebd76a3fc0e913e65ff8a5d65e792a146020b71
Static task
static1
Behavioral task
behavioral1
Sample
51146cdc626be707700c7459883faef7864612af14354aefed988fed9afa136f.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://becharnise.ir/fa2/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
51146cdc626be707700c7459883faef7864612af14354aefed988fed9afa136f.exe
-
Size
764KB
-
MD5
77c712dbe9016d578289922f9e9ee6d9
-
SHA1
c8271994e18f50fbdbdae8e1ce9b25cfceaf3ace
-
SHA256
51146cdc626be707700c7459883faef7864612af14354aefed988fed9afa136f
-
SHA512
b3c34543fbbcf14b80489ec184f7ec79b37c9074eb6ead75ee40f5ab000d874784f111d06cf4953cfe7b3c15eebd76a3fc0e913e65ff8a5d65e792a146020b71
-
Suspicious use of SetThreadContext
-