General
-
Target
acf42dc8f600af006a951b543055f887fa71457b95697227d61433b9a1cff3e8.exe
-
Size
874KB
-
Sample
210122-2ws1qysmtx
-
MD5
6f50c27b591f861b217bddec9c95becb
-
SHA1
92d64784fcf3f8871595b8a70342f4df45331f79
-
SHA256
acf42dc8f600af006a951b543055f887fa71457b95697227d61433b9a1cff3e8
-
SHA512
c986216f3614d50f9e8fd243c9784a9a1062ff5e362ff15b9ed0c20609e7754bd73029c099725c9c36332b2bb2b9fd746b3670ba9ac2b72efaae6a0cb0d28b79
Static task
static1
Behavioral task
behavioral1
Sample
acf42dc8f600af006a951b543055f887fa71457b95697227d61433b9a1cff3e8.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://mekamaka.com/chief/noni/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
acf42dc8f600af006a951b543055f887fa71457b95697227d61433b9a1cff3e8.exe
-
Size
874KB
-
MD5
6f50c27b591f861b217bddec9c95becb
-
SHA1
92d64784fcf3f8871595b8a70342f4df45331f79
-
SHA256
acf42dc8f600af006a951b543055f887fa71457b95697227d61433b9a1cff3e8
-
SHA512
c986216f3614d50f9e8fd243c9784a9a1062ff5e362ff15b9ed0c20609e7754bd73029c099725c9c36332b2bb2b9fd746b3670ba9ac2b72efaae6a0cb0d28b79
-
Suspicious use of SetThreadContext
-