General
Target: 7b95e7c4b726fb678571f965327eb05c.exe
Size: 145KB
Sample: 210408-b87ard98ws
MD5: 7b95e7c4b726fb678571f965327eb05c
SHA1: e2afad566ae8d7929cad0ebc8272d9202700a334
SHA256: 90264601dc078ff9628a36dcca7a4ca0c65c7c68315601f6688f2690847fdab7
SHA512: 4d96cb34c39568b608087f65083e18ed30fbe36666cb2d52a10fde3289b36619a5f884d47637cef953f4a4d48278d54577e7749ef92d34aa533ec7b670320194
Static task: static1
Behavioral task: behavioral1
Sample: 7b95e7c4b726fb678571f965327eb05c.exe
Resource: win7v20201028
Malware Config
Extracted
lokibot
http://amrp.tw/ozi/gate.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: 7b95e7c4b726fb678571f965327eb05c.exe
Loads dropped DLL
Suspicious use of SetThreadContext