General
-
Target
2b4a20c7ac0f31d680f8f86f10d31381040715e16cd9f605429d65957a917c4c
-
Size
329KB
-
Sample
211202-n83w5sfham
-
MD5
5089bf5ac02e22d6bacbd5445e606b25
-
SHA1
9da97885294c646e67d4a0c9d4bfb0f983a15a18
-
SHA256
2b4a20c7ac0f31d680f8f86f10d31381040715e16cd9f605429d65957a917c4c
-
SHA512
d5944acbb48fa232ae4ee1aa58fadf9752d3658c054e15adcc4b3a576cd1f162dc08e92578100bfa48966a3e83bb59f23388fefae08b827772228784dc51465c
Static task
static1
Malware Config
Extracted
lokibot
http://secure01-redirect.net/gb7/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
Target
2b4a20c7ac0f31d680f8f86f10d31381040715e16cd9f605429d65957a917c4c
-
suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)
-
Accesses Microsoft Outlook profiles
-