General
-
Target
a60e97778614ab28c9e6acf9a2a76e8f42c09372af1a9e5e6802018e3cee2829.exe
-
Size
250KB
-
Sample
210727-e77qstgcrx
-
MD5
07c01497b1a48bd763519c1b2561ab2d
-
SHA1
7cd72784c6a4e251068a43cba935ebc8a1531c84
-
SHA256
a60e97778614ab28c9e6acf9a2a76e8f42c09372af1a9e5e6802018e3cee2829
-
SHA512
09213f2033186a671dad819e50d5740dc0b953f20fb2fddefc5798ce6bb5d1d40a3c8ed00b446104430541dd21f4bfdcee3e630215fba466f9cfe51fd9aea6b6
Static task
static1
Behavioral task
behavioral1
Sample
a60e97778614ab28c9e6acf9a2a76e8f42c09372af1a9e5e6802018e3cee2829.exe
Resource
win7v20210408
Malware Config
Extracted
lokibot
http://asiatrans.cf/BN1/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
a60e97778614ab28c9e6acf9a2a76e8f42c09372af1a9e5e6802018e3cee2829.exe
-
Size
250KB
-
MD5
07c01497b1a48bd763519c1b2561ab2d
-
SHA1
7cd72784c6a4e251068a43cba935ebc8a1531c84
-
SHA256
a60e97778614ab28c9e6acf9a2a76e8f42c09372af1a9e5e6802018e3cee2829
-
SHA512
09213f2033186a671dad819e50d5740dc0b953f20fb2fddefc5798ce6bb5d1d40a3c8ed00b446104430541dd21f4bfdcee3e630215fba466f9cfe51fd9aea6b6
-
Suspicious use of SetThreadContext
-