General
-
Target
b445a79380a50d3f1447597a287e3dda84286ee66d76d0fbda22a04edba1d16e.exe
-
Size
688KB
-
Sample
210623-2safcjsn5s
-
MD5
4f261af0216ef7306e2ff076a2462358
-
SHA1
8c07c49d5abb7474eab731a8f3111a7dd62e7cb1
-
SHA256
b445a79380a50d3f1447597a287e3dda84286ee66d76d0fbda22a04edba1d16e
-
SHA512
98c8471066343ac78063d97be0b23a84486ef2f963e8f3f96b3273e7b05b6fe14c4cf9f5e1d0f2d1a2811099bc9cbe7f4a284ef4c8f1619e2b61808ba8704393
Static task
static1
Behavioral task
behavioral1
Sample
b445a79380a50d3f1447597a287e3dda84286ee66d76d0fbda22a04edba1d16e.exe
Resource
win7v20210408
Malware Config
Extracted
lokibot
http://63.141.228.141/32.php/hVjgJl5jKemRQ
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
b445a79380a50d3f1447597a287e3dda84286ee66d76d0fbda22a04edba1d16e.exe
-
Size
688KB
-
MD5
4f261af0216ef7306e2ff076a2462358
-
SHA1
8c07c49d5abb7474eab731a8f3111a7dd62e7cb1
-
SHA256
b445a79380a50d3f1447597a287e3dda84286ee66d76d0fbda22a04edba1d16e
-
SHA512
98c8471066343ac78063d97be0b23a84486ef2f963e8f3f96b3273e7b05b6fe14c4cf9f5e1d0f2d1a2811099bc9cbe7f4a284ef4c8f1619e2b61808ba8704393
-
Suspicious use of SetThreadContext
-