General
Target: b08e82fea6d6300d47f78a2a54aa95da15112e037e292e452d4f63c5cb6de676.exe
Size: 846KB
Sample: 210421-btsgvl1fma
MD5: e31802832554364edd0212a9dc61d0f5
SHA1: 2ef0e361e1dcc9b4872a862d01ef95f40d6f7557
SHA256: b08e82fea6d6300d47f78a2a54aa95da15112e037e292e452d4f63c5cb6de676
SHA512: a882ca244b08e620a84f646d502d9db95f038e3df0ca6295f3626498b4aa653a7ed664ce4e528f303945cb64e0f27f94059a4a0b02c99f78056c939d87d023dc
Static task: static1
Behavioral task: behavioral1
Sample: b08e82fea6d6300d47f78a2a54aa95da15112e037e292e452d4f63c5cb6de676.exe
Resource: win7v20210410
Malware Config
Extracted
lokibot
http://amrp.tw/engr/gate.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: b08e82fea6d6300d47f78a2a54aa95da15112e037e292e452d4f63c5cb6de676.exe
Suspicious use of SetThreadContext