General
-
Target
9.exe
-
Size
533KB
-
Sample
211203-sqmjnabhd4
-
MD5
506d545decb39e0b0e1fb6e267107030
-
SHA1
cfb1e01dabb9624345724c59268f908861c35c9e
-
SHA256
9256e9d2b4578584dfe2fc02e4573bfb24eafdb7ce9ba52fc8428c08fe4b06fd
-
SHA512
6a67e267c01cb8d369b1f220189ab3785827ce32fcb9556009697e76528434b63d08dedf8d084af2f731b4208b2a492099f39f217cda34112748bfebc976ffc8
Static task
static1
Behavioral task
behavioral1
Sample
9.exe
Resource
win7-en-20211104
Behavioral task
behavioral2
Sample
9.exe
Resource
win10-en-20211014
Malware Config
Extracted
lokibot
http://benera.xyz/bigdolls/Panel/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
9.exe
-
Size
533KB
-
MD5
506d545decb39e0b0e1fb6e267107030
-
SHA1
cfb1e01dabb9624345724c59268f908861c35c9e
-
SHA256
9256e9d2b4578584dfe2fc02e4573bfb24eafdb7ce9ba52fc8428c08fe4b06fd
-
SHA512
6a67e267c01cb8d369b1f220189ab3785827ce32fcb9556009697e76528434b63d08dedf8d084af2f731b4208b2a492099f39f217cda34112748bfebc976ffc8
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-