General
-
Target
eb2734125424d8e94e2d58e988c7edd9aee7e35bea03c884a0336d93e5ac29de.exe
-
Size
806KB
-
Sample
210116-lnhc6kkdma
-
MD5
c08c591f773ecee016ad60496e99ac49
-
SHA1
6326dac07e8db5d9c4b328e81e806cd9449eca9a
-
SHA256
eb2734125424d8e94e2d58e988c7edd9aee7e35bea03c884a0336d93e5ac29de
-
SHA512
834ef514a5e7e1a06cb38fbadc04b62caf80f0a31feb06ad9534799e99ba90a92c6d04bba31c878df84ee9d5f1af35562a533ded54c37d003f9a16009f07d6e8
Static task
static1
Behavioral task
behavioral1
Sample
eb2734125424d8e94e2d58e988c7edd9aee7e35bea03c884a0336d93e5ac29de.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://lmpulsefashion.net/chief/boss/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
eb2734125424d8e94e2d58e988c7edd9aee7e35bea03c884a0336d93e5ac29de.exe
-
Size
806KB
-
MD5
c08c591f773ecee016ad60496e99ac49
-
SHA1
6326dac07e8db5d9c4b328e81e806cd9449eca9a
-
SHA256
eb2734125424d8e94e2d58e988c7edd9aee7e35bea03c884a0336d93e5ac29de
-
SHA512
834ef514a5e7e1a06cb38fbadc04b62caf80f0a31feb06ad9534799e99ba90a92c6d04bba31c878df84ee9d5f1af35562a533ded54c37d003f9a16009f07d6e8
-
Suspicious use of SetThreadContext
-