General
-
Target
917dc0ea02f9597e9d43236fa9f7d637.exe
-
Size
697KB
-
Sample
210623-ydagl83e2e
-
MD5
917dc0ea02f9597e9d43236fa9f7d637
-
SHA1
e8904f56591df4148ac911e9851e073a90a120f2
-
SHA256
45ce5d0d1198fd183287729fd73b38c417180d9972d95c21dceecdf2990f6b51
-
SHA512
0e8250130083e8343e8039fa06ad60dacda573eb076adaa047639f866e01461939c5cf83c1ece2988d0e5cc4baf63d0b6a105b402abe303255ee9f84695b6021
Malware Config
Extracted
lokibot
http://63.141.228.141/32.php/S4wFP8QBww9Tp
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
917dc0ea02f9597e9d43236fa9f7d637.exe
-
Size
697KB
-
MD5
917dc0ea02f9597e9d43236fa9f7d637
-
SHA1
e8904f56591df4148ac911e9851e073a90a120f2
-
SHA256
45ce5d0d1198fd183287729fd73b38c417180d9972d95c21dceecdf2990f6b51
-
SHA512
0e8250130083e8343e8039fa06ad60dacda573eb076adaa047639f866e01461939c5cf83c1ece2988d0e5cc4baf63d0b6a105b402abe303255ee9f84695b6021
Score10/10-
Lokibot
Lokibot is a Password and CryptoCoin Wallet Stealer.
-
Suspicious use of SetThreadContext
-