General
Target
1d55c9d6edbd2a75e3202646ddd3649e3249ba8b43ff051299859a5edd258cf6
Size
244KB
Sample
211021-1alanaage5
MD5
4f9a6937b1bb97f14cf0bac59fbde3a8
SHA1
e9be17e15e74634171c44fa84c28d256747de3fd
SHA256
1d55c9d6edbd2a75e3202646ddd3649e3249ba8b43ff051299859a5edd258cf6
SHA512
9776b111c1982e82e38fa7743839e06736a6fe77296c4f0e6515a4526f046ff0b201f4b77a6765fccd0f4d721d9db1455a57d86d3f42895fd6a17184bca9e0b0
Static task
static1
Behavioral task
behavioral1
Sample
1d55c9d6edbd2a75e3202646ddd3649e3249ba8b43ff051299859a5edd258cf6.exe
Resource
win10-en-20210920
Malware Config
Extracted
lokibot
http://63.250.40.204/~wpdemo/file.php?search=745675
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
1d55c9d6edbd2a75e3202646ddd3649e3249ba8b43ff051299859a5edd258cf6
Score
10/10
Loads dropped DLL
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext