General
-
Target
SecuriteInfo.com.Artemis.389
-
Size
1.0MB
-
Sample
210118-67ndty2fqe
-
MD5
c6091ddf2745b7edcfa535d727ea7b7a
-
SHA1
769608c06ff9bd184be238b6c92769533eaef750
-
SHA256
1c92e75853c17bb45af6a066b89e395f3e0d1cb07f2f0b1bc61d2e069bba29ae
-
SHA512
9c49f8df4e609552f88f3af71a96ed8829f067b556b02f207165bbe1226350883d690d09af18356eba37973d4a195a98f9741479b90958b971af819351061d75
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Artemis.389.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://okpana.com/chief/boss/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
SecuriteInfo.com.Artemis.389
-
Suspicious use of SetThreadContext
-