General
-
Target
bc342f9679aeab723916338bce061ae5.exe
-
Size
148KB
-
Sample
210423-ajk8zakw7x
-
MD5
bc342f9679aeab723916338bce061ae5
-
SHA1
883248ca2481b280aa53047a1aa77009321fdcae
-
SHA256
5d96ff0fc3e6847c93e28bce3c25bce90dd5401fc147def6ee33c5d90bfb3add
-
SHA512
f3b8cd24788fca6fd6219ad98652d662668388c7f7b610d7535201e4ff8b1d211b3a0e75e607776b6f842b42d084e6782e485338aa775030ea0a078d43a50908
Static task
static1
Behavioral task
behavioral1
Sample
bc342f9679aeab723916338bce061ae5.exe
Resource
win7v20210408
Malware Config
Extracted
lokibot
http://meirback.co.uk/Bn1/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
bc342f9679aeab723916338bce061ae5.exe
-
Size
148KB
-
MD5
bc342f9679aeab723916338bce061ae5
-
SHA1
883248ca2481b280aa53047a1aa77009321fdcae
-
SHA256
5d96ff0fc3e6847c93e28bce3c25bce90dd5401fc147def6ee33c5d90bfb3add
-
SHA512
f3b8cd24788fca6fd6219ad98652d662668388c7f7b610d7535201e4ff8b1d211b3a0e75e607776b6f842b42d084e6782e485338aa775030ea0a078d43a50908
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-