General
-
Target
136d81a0149a1b97c4924ed811df8ca3c331a43def9abec8e3f489b3944c896d.exe
-
Size
721KB
-
Sample
210119-g9hcxz19fe
-
MD5
905ccbcdaa81d1df19e534055f56bce6
-
SHA1
57074c93f48a33a9d56250637c9239bcab79f6c7
-
SHA256
136d81a0149a1b97c4924ed811df8ca3c331a43def9abec8e3f489b3944c896d
-
SHA512
3ae31bd7a9b0f7de70133ed987cc40bedd21fa03b1eb109014b302d8d4bdb1f7cc8f2dc8db66d01cf00f54b7c12497eeefa5a692370ca237175a7341ca427ea9
Static task
static1
Behavioral task
behavioral1
Sample
136d81a0149a1b97c4924ed811df8ca3c331a43def9abec8e3f489b3944c896d.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://mafivaz.biz/mafivaz.biz/Panel/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
136d81a0149a1b97c4924ed811df8ca3c331a43def9abec8e3f489b3944c896d.exe
-
Size
721KB
-
MD5
905ccbcdaa81d1df19e534055f56bce6
-
SHA1
57074c93f48a33a9d56250637c9239bcab79f6c7
-
SHA256
136d81a0149a1b97c4924ed811df8ca3c331a43def9abec8e3f489b3944c896d
-
SHA512
3ae31bd7a9b0f7de70133ed987cc40bedd21fa03b1eb109014b302d8d4bdb1f7cc8f2dc8db66d01cf00f54b7c12497eeefa5a692370ca237175a7341ca427ea9
-
Suspicious use of SetThreadContext
-