General
-
Target
67f8378339fc891cadd30317342a26b55ef14f2421044aea9560b2058619ff76
-
Size
356KB
-
Sample
211021-1alw7aage7
-
MD5
2da4313d81184d2c0063b445600a8625
-
SHA1
96dc61bbd4d509cb444b0205be54ac49a324ad0c
-
SHA256
67f8378339fc891cadd30317342a26b55ef14f2421044aea9560b2058619ff76
-
SHA512
b690f4a3a2781cbfdc5e697040ec94b7a60bef5fe2a2fbccfdb86c6a92ba45daf0f5385421ae88587ab735b6854eeda1bd13206866c837446ca0fb6e40a590dd
Static task
static1
Behavioral task
behavioral1
Sample
67f8378339fc891cadd30317342a26b55ef14f2421044aea9560b2058619ff76.exe
Resource
win10-en-20211014
Malware Config
Extracted
lokibot
http://checkvim.com/ga17/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
67f8378339fc891cadd30317342a26b55ef14f2421044aea9560b2058619ff76
-
Size
356KB
-
MD5
2da4313d81184d2c0063b445600a8625
-
SHA1
96dc61bbd4d509cb444b0205be54ac49a324ad0c
-
SHA256
67f8378339fc891cadd30317342a26b55ef14f2421044aea9560b2058619ff76
-
SHA512
b690f4a3a2781cbfdc5e697040ec94b7a60bef5fe2a2fbccfdb86c6a92ba45daf0f5385421ae88587ab735b6854eeda1bd13206866c837446ca0fb6e40a590dd
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-