General
Target
P02021-10085Rev03-021007-020045-Lager-Yokes.e.exe
Size
696KB
Sample
210423-gylzw5f2se
MD5
a439861734c3466577c774cf7d769e07
SHA1
1400c8ffb8d55af818ac13ff9a0504cebfa64da6
SHA256
d39e089925a20c33956c2116f41769ba0199497985922bfac15cc78403415d69
SHA512
881c1ccedfb75db67583810f2ea1a5f862b689335986114acc7b139e7e9b06a0a6014662d64971f8a542ac2186de275ab6e6a9ef23204f17d14e876f4daf1888
Static task
static1
Behavioral task
behavioral1
Sample
P02021-10085Rev03-021007-020045-Lager-Yokes.e.exe
Resource
win7v20210410
Malware Config
Extracted
lokibot
http://optimalwellengineering.com/f9wp/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Suspicious use of SetThreadContext