General
-
Target
9b183c1c75980e354b15479a73ece20256aa95a1f202284a4914630f556c0020
-
Size
387KB
-
Sample
220521-xgxqgsbfh9
-
MD5
52ebb3323d9e4fa93ef6b1094d2c6e77
-
SHA1
7897027d683144e51f4aaa41ce8399207fc8ed34
-
SHA256
9b183c1c75980e354b15479a73ece20256aa95a1f202284a4914630f556c0020
-
SHA512
c0cdd67c8551c423a4bc39a668d96c59cb2040d92c67cd36e57a6a7bc0996b49740de872be447eb259865d018147d007b2d81dc889ec6abe89cfb648f8c34199
Static task
static1
Behavioral task
behavioral1
Sample
PO_NO.231101-ENQUIRY Urgently.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
PO_NO.231101-ENQUIRY Urgently.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
PO_NO.231101-ENQUIRY Urgently.exe
-
Size
672KB
-
MD5
e8056167fda62ab345a642116eac4797
-
SHA1
22803cfc7c938439e3eb7becf61d1e4218d449bc
-
SHA256
0af98d66b8e07f0ecd7b08b403045c4ee83b402304b723d65afea8041a3db962
-
SHA512
12558781d805db53d901c09d06a9bd542008ba6bf9f8e17c8c198c8b8fabc9de0f6ae23d924fedd46ac7699dadbb0c46be9fb060352d4de27fdf4567f18b3103
Score
10/10
-
suricata: ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1
-
suricata: ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2
-
suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-