General
-
Target
8eb301b6e0ebb3a9aed1e3056635c3e6ba357d71e2e72a85a649e01ee3bff6dd
-
Size
812KB
-
Sample
220414-pwy8vscah6
-
MD5
69a77e6a7fccb87c1fb85e2cfe12003f
-
SHA1
58876e79c7397ab11cc2d7897a32ac52cf713dae
-
SHA256
8eb301b6e0ebb3a9aed1e3056635c3e6ba357d71e2e72a85a649e01ee3bff6dd
-
SHA512
4b0d1380b95f5507b01eaf7fc1e7ae85238513f136d50326881e1bc27579fb9f1c493608ac5a4f1107f1d49a2b95a49bd8c0db77d3cebdbd39f1022f3503f504
Static task
static1
Behavioral task
behavioral1
Sample
8eb301b6e0ebb3a9aed1e3056635c3e6ba357d71e2e72a85a649e01ee3bff6dd.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
8eb301b6e0ebb3a9aed1e3056635c3e6ba357d71e2e72a85a649e01ee3bff6dd.exe
Resource
win10v2004-20220310-en
Malware Config
Extracted
lokibot
http://185.208.182.56/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
8eb301b6e0ebb3a9aed1e3056635c3e6ba357d71e2e72a85a649e01ee3bff6dd
-
Size
812KB
-
MD5
69a77e6a7fccb87c1fb85e2cfe12003f
-
SHA1
58876e79c7397ab11cc2d7897a32ac52cf713dae
-
SHA256
8eb301b6e0ebb3a9aed1e3056635c3e6ba357d71e2e72a85a649e01ee3bff6dd
-
SHA512
4b0d1380b95f5507b01eaf7fc1e7ae85238513f136d50326881e1bc27579fb9f1c493608ac5a4f1107f1d49a2b95a49bd8c0db77d3cebdbd39f1022f3503f504
Score10/10-
Meta Stealer Stealer
Meta Stealer steals passwords stored in browsers, written in C++.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-