General
-
Target
8ed7e6b478cf0c00934bb42e3bdf5e20.exe
-
Size
104KB
-
Sample
211204-2kdt1abgar
-
MD5
8ed7e6b478cf0c00934bb42e3bdf5e20
-
SHA1
ceb70c6dc5a85a64cc7a47e0ec12936f2d5e57db
-
SHA256
4395224e257fe5659011fb90649c89d295e80123d7622d6cdb5b09371573e1aa
-
SHA512
db4f78f56df60bcc906588546d0bb55b7ff9ec483484a6d70f891bb33fc84339cf1ee77973f785f1f71d6b1eb8090449078bdc8ededb70a41c094cfa0b5affee
Static task
static1
Behavioral task
behavioral1
Sample
8ed7e6b478cf0c00934bb42e3bdf5e20.exe
Resource
win7-en-20211104
Malware Config
Extracted
lokibot
http://naourl.com/data/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)
-
Accesses Microsoft Outlook profiles
-