General
Target: SCM21&SKD11.exe
Size: 420KB
Sample: 210926-vmdhpafagk
MD5: 13c9a3b75f24d3345da1a23fb73e2079
SHA1: d225cee96deafd8c3f7af2de045c140a37ddb093
SHA256: 0725fca33372579e5a29345410b84ee7faf61bb276dd15ad4f21b4cb5a42e9f3
SHA512: 99131f8a4594380d2c96e976548e701d597a48abc430d9b1510b999870d50bb63efb12d8996e67baeb5c984102a5c296312b67eb35e6ee1f9d9d9b42505a9610
Static task: static1
Behavioral task: behavioral1
Sample: SCM21&SKD11.exe
Resource: win7v20210408
Malware Config
Extracted
lokibot
http://23.254.225.235/flex/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: SCM21&SKD11.exe
suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)
Suspicious use of SetThreadContext