General
Target: b70435027f6fd88676d6b54087422fd696f41bffb783a8248affee5e6a62a97d.exe
Size: 1.0MB
Sample: 210118-plvp7paytn
MD5: 584800d8bd80a0e7f2972fd3614f3832
SHA1: f30f87daffbe63e53dc13a940c207a4b8552e733
SHA256: b70435027f6fd88676d6b54087422fd696f41bffb783a8248affee5e6a62a97d
SHA512: daf4bc33da570f118cf4ae8a9a865a62a43863e493592bfb0816df1327cb669c9f40613144458eadd505f5fdfc771b0809d50bd7abddbd9ed18e85ec5e3f15a8
Static task: static1
Behavioral task: behavioral1
Sample: b70435027f6fd88676d6b54087422fd696f41bffb783a8248affee5e6a62a97d.exe
Resource: win7v20201028
Malware Config
Extracted
lokibot
http://becharnise.ir/fa8/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Suspicious use of SetThreadContext