General
-
Target
2a0e4778f0dd5e70ea4bb89278a5c0bf6c2495dfd36fe4bec6bc9eaa1120fe09.exe
-
Size
1.0MB
-
Sample
210122-yccr868yex
-
MD5
db193dc6e01d98969faa5c5f15d0c839
-
SHA1
9da4575ce53b6cf1fe586c77e417274ba01c52e5
-
SHA256
2a0e4778f0dd5e70ea4bb89278a5c0bf6c2495dfd36fe4bec6bc9eaa1120fe09
-
SHA512
c738652aaed777394acbf21dfe6abcfb56ecf1c3cb9015392ee495f6d1d77d3459b8c9202aec477f199f20d2f155fb99d276fafb1341d5387b243a8962325d11
Static task
static1
Behavioral task
behavioral1
Sample
2a0e4778f0dd5e70ea4bb89278a5c0bf6c2495dfd36fe4bec6bc9eaa1120fe09.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://51.195.53.221/p.php/cfOoZYb0LXPms
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
2a0e4778f0dd5e70ea4bb89278a5c0bf6c2495dfd36fe4bec6bc9eaa1120fe09.exe
-
Size
1.0MB
-
MD5
db193dc6e01d98969faa5c5f15d0c839
-
SHA1
9da4575ce53b6cf1fe586c77e417274ba01c52e5
-
SHA256
2a0e4778f0dd5e70ea4bb89278a5c0bf6c2495dfd36fe4bec6bc9eaa1120fe09
-
SHA512
c738652aaed777394acbf21dfe6abcfb56ecf1c3cb9015392ee495f6d1d77d3459b8c9202aec477f199f20d2f155fb99d276fafb1341d5387b243a8962325d11
-
Suspicious use of SetThreadContext
-