General
Target: 307bc38e390ab59b21aadf74c29b2d6f07d6516eaffe6e46af4f1d112492fbaf.exe
Size: 1.8MB
Sample: 210421-ypj92vta4a
MD5: 0077dbaaaccfeee44d2194c669a99624
SHA1: bcaf27906d4b00c9a9dc366104ff67dee02aff4c
SHA256: 307bc38e390ab59b21aadf74c29b2d6f07d6516eaffe6e46af4f1d112492fbaf
SHA512: f76f0f7dae8949f716422b4810c00b49e447ff0ad707b71897d689089f09a98a9eaa8fac30efcaa99496ad25355d78c74ea64786b2c512b68d8048e196606d23
Static task: static1
Behavioral task: behavioral1
Sample: 307bc38e390ab59b21aadf74c29b2d6f07d6516eaffe6e46af4f1d112492fbaf.exe
Resource: win7v20210410
Malware Config
Extracted
lokibot
http://104.168.140.79/smack/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
307bc38e390ab59b21aadf74c29b2d6f07d6516eaffe6e46af4f1d112492fbaf.exe
Suspicious use of SetThreadContext