General
Target: 202107270010.exe
Size: 13KB
Sample: 210727-4sstcknvnx
MD5: 3dff5c2b37da43ac40de3e0d5fa5b357
SHA1: ad8051789c990e68f850ad5d58bea12e321bae18
SHA256: 730bfa776152c38152b5c9180061bf02b4b63a62f2f214cf022bce4bda218c8a
SHA512: b866abd538be4fde091b9f4498c25d6096d55667bad638ad96fb305fd54b140072d27fd0cb7f574581f5de8f33b58cc41bcfc595a5474eb8be663f6b7505da14
Static task
static1
Behavioral task
behavioral1
Sample
202107270010.exe
Resource
win7v20210410
Malware Config
Extracted
lokibot
https://vistusexpress.ao/wp-img/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
202107270010.exe
suricata: ET MALWARE LokiBot Checkin
suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)
Downloads MZ/PE file
Suspicious use of SetThreadContext