General
-
Target
0n4xyK1WyMB3UE2.exe
-
Size
1.1MB
-
Sample
210721-dwww2rxl6s
-
MD5
825ebfccb4c9e1b2a71f8e931d751aaf
-
SHA1
9318735795acaca9794a92030492b9c2c5fc0aab
-
SHA256
c17b37bb3f9b18f160029a7d48d3beef1a15cb3fd51033e6c6ccf4c871377c12
-
SHA512
6609b39beec7a86d7994a8b3198556ede8a9654ce84d517ccdc58d5d650361a1e369faba05ca5c93ed998355c60d2c17a9031547f5df9a865e42ab644f7f2bf0
Static task
static1
Behavioral task
behavioral1
Sample
0n4xyK1WyMB3UE2.exe
Resource
win7v20210410
Malware Config
Extracted
lokibot
https://luoslasco.xyz/to/ya/vd.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
0n4xyK1WyMB3UE2.exe
-
Size
1.1MB
-
MD5
825ebfccb4c9e1b2a71f8e931d751aaf
-
SHA1
9318735795acaca9794a92030492b9c2c5fc0aab
-
SHA256
c17b37bb3f9b18f160029a7d48d3beef1a15cb3fd51033e6c6ccf4c871377c12
-
SHA512
6609b39beec7a86d7994a8b3198556ede8a9654ce84d517ccdc58d5d650361a1e369faba05ca5c93ed998355c60d2c17a9031547f5df9a865e42ab644f7f2bf0
-
Suspicious use of SetThreadContext
-