General
-
Target
f35a2268af460c9d1dd472608376c7877aca3b037e030ee6366d2e41a1f25818.exe
-
Size
789KB
-
Sample
210624-6tqrsm3ltn
-
MD5
b954b768fcdca7acd4a9e43715139650
-
SHA1
343bd24a325dfd24f7ccb0ece3052175c7187002
-
SHA256
f35a2268af460c9d1dd472608376c7877aca3b037e030ee6366d2e41a1f25818
-
SHA512
31994bbcfe804827574c2f9148768ceb8c120afbd0c0275b62448b83044c270982f11e813b83c65243782203279540a12eeba84fb67904e8a6b2c73ac7fa2001
Static task
static1
Behavioral task
behavioral1
Sample
f35a2268af460c9d1dd472608376c7877aca3b037e030ee6366d2e41a1f25818.exe
Resource
win7v20210410
Malware Config
Extracted
lokibot
http://192.119.111.43/smack/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
f35a2268af460c9d1dd472608376c7877aca3b037e030ee6366d2e41a1f25818.exe
-
Size
789KB
-
MD5
b954b768fcdca7acd4a9e43715139650
-
SHA1
343bd24a325dfd24f7ccb0ece3052175c7187002
-
SHA256
f35a2268af460c9d1dd472608376c7877aca3b037e030ee6366d2e41a1f25818
-
SHA512
31994bbcfe804827574c2f9148768ceb8c120afbd0c0275b62448b83044c270982f11e813b83c65243782203279540a12eeba84fb67904e8a6b2c73ac7fa2001
-
Suspicious use of SetThreadContext
-