General
-
Target
606e962ab5babddf8616a2e9596d0312fae466cc2529dca4ab5f44d0f4863902.exe
-
Size
875KB
-
Sample
210122-dgrbp3rqka
-
MD5
ee3d3372977f96a7eb777e7cb1a49517
-
SHA1
d57cb7e62bed15d778e026ed0b8af9fa38be951f
-
SHA256
606e962ab5babddf8616a2e9596d0312fae466cc2529dca4ab5f44d0f4863902
-
SHA512
98daffb5261938a9b1fe5e4a45e77077a27de31527a7a5c396c3b1b1bd7c44e6804de3461d9e366c87534f49aaf351466c2082163f47c7f9166810550ba4ec4f
Static task
static1
Behavioral task
behavioral1
Sample
606e962ab5babddf8616a2e9596d0312fae466cc2529dca4ab5f44d0f4863902.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://zunlen.com/kin/kin4/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
606e962ab5babddf8616a2e9596d0312fae466cc2529dca4ab5f44d0f4863902.exe
-
Size
875KB
-
MD5
ee3d3372977f96a7eb777e7cb1a49517
-
SHA1
d57cb7e62bed15d778e026ed0b8af9fa38be951f
-
SHA256
606e962ab5babddf8616a2e9596d0312fae466cc2529dca4ab5f44d0f4863902
-
SHA512
98daffb5261938a9b1fe5e4a45e77077a27de31527a7a5c396c3b1b1bd7c44e6804de3461d9e366c87534f49aaf351466c2082163f47c7f9166810550ba4ec4f
-
Suspicious use of SetThreadContext
-