General
-
Target
57d6ee60faf10320d9fd37d58aeec59e6735366afece642579ab6d9743c1731b.exe
-
Size
964KB
-
Sample
210421-y2x4htl9qs
-
MD5
71a14ce0723e4de96846bf22eed49d20
-
SHA1
14340d510faa92bd38ef6ec98e74f5845d37a451
-
SHA256
57d6ee60faf10320d9fd37d58aeec59e6735366afece642579ab6d9743c1731b
-
SHA512
4ff0b16cfe84f3c1b57638617f1eb9c332df95a531cd33f84dfde1987dc53d4ef1298dbfec33edac69d87844fefdb7d7f55519ae1c27ead2568551f50b27d728
Malware Config
Extracted
lokibot
http://amrp.tw/kayo/gate.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
57d6ee60faf10320d9fd37d58aeec59e6735366afece642579ab6d9743c1731b.exe
-
Size
964KB
-
MD5
71a14ce0723e4de96846bf22eed49d20
-
SHA1
14340d510faa92bd38ef6ec98e74f5845d37a451
-
SHA256
57d6ee60faf10320d9fd37d58aeec59e6735366afece642579ab6d9743c1731b
-
SHA512
4ff0b16cfe84f3c1b57638617f1eb9c332df95a531cd33f84dfde1987dc53d4ef1298dbfec33edac69d87844fefdb7d7f55519ae1c27ead2568551f50b27d728
Score10/10-
Lokibot
Lokibot is a Password and CryptoCoin Wallet Stealer.
-
Suspicious use of SetThreadContext
-