General
-
Target
QUOTATIOLIST 1 AND 2#20210624.exe
-
Size
1.1MB
-
Sample
210624-jecakcry7n
-
MD5
88acc19bb5aeadde7e02503b6aa22906
-
SHA1
941f2c07764b1d1c95fff900e89458472c90678e
-
SHA256
a1fe7846c377b67e98dcb11b0a87dd9f1f994c1910caeaa6ce53402bbcb6f444
-
SHA512
9875fb5690ac52ae403d5de7e9eb3eb5bdfd124966c5c7e7e5421724e9cab0683b7a4b71faa077fa830d2583a167658e0d78cf86dde3858d3f15a9097359686d
Static task
static1
Behavioral task
behavioral1
Sample
QUOTATIOLIST 1 AND 2#20210624.exe
Resource
win7v20210408
Malware Config
Extracted
lokibot
http://apponline97.ir/china/Panel/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
QUOTATIOLIST 1 AND 2#20210624.exe
-
Size
1.1MB
-
MD5
88acc19bb5aeadde7e02503b6aa22906
-
SHA1
941f2c07764b1d1c95fff900e89458472c90678e
-
SHA256
a1fe7846c377b67e98dcb11b0a87dd9f1f994c1910caeaa6ce53402bbcb6f444
-
SHA512
9875fb5690ac52ae403d5de7e9eb3eb5bdfd124966c5c7e7e5421724e9cab0683b7a4b71faa077fa830d2583a167658e0d78cf86dde3858d3f15a9097359686d
-
Suspicious use of SetThreadContext
-