General
-
Target
97a715f8f119a00b01a264f4206bcb050fa0eb9a87d775d3c1acbeb89536da53.exe
-
Size
156KB
-
Sample
210226-zmwr6vr3l2
-
MD5
f236c5ab7d649c9a0cf41cd630625c8e
-
SHA1
de36fd44128dfe472c5608db4eb5877c968da4f9
-
SHA256
97a715f8f119a00b01a264f4206bcb050fa0eb9a87d775d3c1acbeb89536da53
-
SHA512
e3158a904d6a30226f5b1381b8b50a12e604aca4ca5d2f7c64c07e42c75aacae6083e24b188afd9be59ee8d246e02f41150d02ee1b5ee9d81d075d28f049c18e
Static task
static1
Behavioral task
behavioral1
Sample
97a715f8f119a00b01a264f4206bcb050fa0eb9a87d775d3c1acbeb89536da53.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://51.195.53.221/p.php/S7zr5v1fXI3Rb
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
97a715f8f119a00b01a264f4206bcb050fa0eb9a87d775d3c1acbeb89536da53.exe
-
Size
156KB
-
MD5
f236c5ab7d649c9a0cf41cd630625c8e
-
SHA1
de36fd44128dfe472c5608db4eb5877c968da4f9
-
SHA256
97a715f8f119a00b01a264f4206bcb050fa0eb9a87d775d3c1acbeb89536da53
-
SHA512
e3158a904d6a30226f5b1381b8b50a12e604aca4ca5d2f7c64c07e42c75aacae6083e24b188afd9be59ee8d246e02f41150d02ee1b5ee9d81d075d28f049c18e
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-