General
-
Target
DC9095857497494.BAT
-
Size
1MB
-
Sample
211206-k97pyaged9
-
MD5
69e50153619ce219aa8b526cc8c6cb1d
-
SHA1
7a5429ca50ce7d5cc462a0d26127a179259113d6
-
SHA256
4f68d7352e104d5eac36c27fd94ebd352aae06cc335f363df2f9de78933ed92d
-
SHA512
ed377cd25ed5e6e3a0e2b8489c03f444f9a968ee0c59cc83be7f9c7744b916368d2c9aa2282a0fa79de7fff790a0ca4aa21986a200c004a89fbd12585bf96798
Static task
static1
Behavioral task
behavioral1
Sample
DC9095857497494.BAT.exe
Resource
win7-en-20211014
Behavioral task
behavioral2
Sample
DC9095857497494.BAT.exe
Resource
win10-en-20211104
Malware Config
Extracted
lokibot
http://umuloki.xyz/xx/za/nn.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
DC9095857497494.BAT
-
Size
1MB
-
MD5
69e50153619ce219aa8b526cc8c6cb1d
-
SHA1
7a5429ca50ce7d5cc462a0d26127a179259113d6
-
SHA256
4f68d7352e104d5eac36c27fd94ebd352aae06cc335f363df2f9de78933ed92d
-
SHA512
ed377cd25ed5e6e3a0e2b8489c03f444f9a968ee0c59cc83be7f9c7744b916368d2c9aa2282a0fa79de7fff790a0ca4aa21986a200c004a89fbd12585bf96798
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-