General
Target
f1d22e527253f4cd87eb490df707ba00.exe
Size
1.0MB
Sample
211206-jh4zasgda6
MD5
f1d22e527253f4cd87eb490df707ba00
SHA1
c0cfb5fdf1ef8eec7cb7f0a753391e768bacb8fd
SHA256
5d292d4801d37591a78cc668219f7a7279a830fbbe01dd8e4bbe4a8a7d43f127
SHA512
246467627447e89202e939e1890bfaf7da4b626aef5706f3688eea6842cc8423949409a5409069f958466679c251517627d57834d4114b94524d79a146cb1827
Static task
static1
Behavioral task
behavioral1
Sample
f1d22e527253f4cd87eb490df707ba00.exe
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
f1d22e527253f4cd87eb490df707ba00.exe
Resource
win10-en-20211104
Malware Config
Extracted
lokibot
http://195.133.18.144/main/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
f1d22e527253f4cd87eb490df707ba00.exe
Score
10/10
Downloads MZ/PE file
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext