General
Target: ED09324848.SCR.exe
Size: 932KB
Sample: 211207-htsvqsbae7
MD5: 88f4f088899257331f22db2b267c49b2
SHA1: 9acf64a627e8630f6494e7835eba0b0412d72711
SHA256: 5a3e05cc8140c58c6ae54ef96b726368210f5e1635d1fb4902161db57ff174ec
SHA512: cc7d693dd9fcbbc07fb9ea11d83a525921bfbf288e6cebebfa160fae952cc531c22686e2c61cbd1996b4524f870d6f07517b189d5cf0e77fd2207118d81436f5
Static task: static1
Behavioral task: behavioral1
Sample: ED09324848.SCR.exe
Resource: win7-en-20211014
Behavioral task: behavioral2
Sample: ED09324848.SCR.exe
Resource: win10-en-20211104
Malware Config
Extracted
lokibot
http://lokich.xyz/icecobe/so/white.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: ED09324848.SCR.exe
Score: 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext