General
Target
0e005cfd7e4bcc7846064aa8528de9e5
Size
1.2MB
Sample
211206-hvysdagce9
MD5
0e005cfd7e4bcc7846064aa8528de9e5
SHA1
734ab2e41d0d56f41c3d61435a766de2f0a9b943
SHA256
8c6c641775d3ba8e0eae9b87da749bbf011ceaae1e4d80465e17e77ffcac7c2f
SHA512
23832f037e34e221bba4932b0a2873302d7b49f304c2203c59f0ca8a44d0440e5c81724aa53417a95d44491b9408ec5603135e912e8496eaf3bbc626a4082a59
Static task
static1
Behavioral task
behavioral1
Sample
0e005cfd7e4bcc7846064aa8528de9e5.exe
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
0e005cfd7e4bcc7846064aa8528de9e5.exe
Resource
win10-en-20211104
Malware Config
Extracted
lokibot
http://secure01-redirect.net/gb22/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
0e005cfd7e4bcc7846064aa8528de9e5
Score
10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext