General
Target: SI1 X20'D000280.exe
Size: 781KB
Sample: 210511-3878dd21wn
MD5: a49265372ee1fb62e111a66c4ac76501
SHA1: 34b72db4d0c4fcf0a9bfef1bac78ad2024fce51c
SHA256: f94b0dd0a257f49fe725f07b88aac985afc8b128a4c02578f3053a70697282e8
SHA512: f731c2089c36b8a0b4ec74f3a84c0c66d3ff3fe6c582a25841c099cf7eda305a9457ba8975081e3814cf8ff7bf8ba6d67bf1d00585828a84dea1a27c898b238c
Static task: static1
Behavioral task: behavioral1
Sample: SI1 X20'D000280.exe
Resource: win7v20210410
Malware Config
Extracted
lokibot
http://albemalb.com/dumbo/dumbo1/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: SI1 X20'D000280.exe
Suspicious use of SetThreadContext