General
-
Target
a0339a15a2f219b54b3c1a6b4afbc6be
-
Size
632KB
-
Sample
210722-2jekt7zm2n
-
MD5
a0339a15a2f219b54b3c1a6b4afbc6be
-
SHA1
7df7a7515715283591582974eb47197c9369efe3
-
SHA256
eef89bbd9fcfb6e1b095b5302af5c176ed593bf9c6ce26d0be6ebeddc7fa0e6a
-
SHA512
30037c5446b79946da950d99ba0b315134d7793307f8fb25255a0db8121d70f8df201029ffd00d7cb4b1ed6201ab60795727b983296a03a0a5a2fac28d792a84
Static task
static1
Behavioral task
behavioral1
Sample
a0339a15a2f219b54b3c1a6b4afbc6be.exe
Resource
win7v20210408
Malware Config
Extracted
lokibot
http://vikinproducts.com/Mrlogs/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
a0339a15a2f219b54b3c1a6b4afbc6be
-
Size
632KB
-
MD5
a0339a15a2f219b54b3c1a6b4afbc6be
-
SHA1
7df7a7515715283591582974eb47197c9369efe3
-
SHA256
eef89bbd9fcfb6e1b095b5302af5c176ed593bf9c6ce26d0be6ebeddc7fa0e6a
-
SHA512
30037c5446b79946da950d99ba0b315134d7793307f8fb25255a0db8121d70f8df201029ffd00d7cb4b1ed6201ab60795727b983296a03a0a5a2fac28d792a84
-
Suspicious use of SetThreadContext
-