General
Target: 20210623.exe
Size: 702KB
Sample: 210623-ylsjcdz18s
MD5: 385565f333a4e01d574a70da283cb484
SHA1: c87fb9da1a64badef26e38d517fca5309b5f9627
SHA256: c2f19d09b75e7e3a3fc37523b1b65b63850819c18882947359eacd8ef9c833f3
SHA512: 79b36ff30f8b3fa747a9c828675c85e612611b2ca8cba23889cdd389fba2c716af39ee7cc0a6446727996ab749e0115dab8170229abc04d963cfbff06321ce2f
Static task: static1
Behavioral task: behavioral1
Sample: 20210623.exe
Resource: win7v20210408
Malware Config
Extracted
lokibot
http://192.119.111.43/dx/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: 20210623.exe
Suspicious use of SetThreadContext