General
Target: 3d9207a7887f40927afae76998a27d15021bac62e0b648db3e40f8162046f4ec
Size: 820KB
Sample: 220703-c5gnyseag4
MD5: d28880400e567393c9bd4b2aed36c150
SHA1: 5a918539c843ff18bc1e289cf2f4635f1bfc1dc0
SHA256: 3d9207a7887f40927afae76998a27d15021bac62e0b648db3e40f8162046f4ec
SHA512: b154b735dbc48fda01f55f8f325469e281c625cf3c3a9239add106d37b06deb78dead620738f264c8e9a793c21060e3d632d512a32268f15a547efd73b01368c
Static task: static1
Behavioral task: behavioral1
Sample: 3d9207a7887f40927afae76998a27d15021bac62e0b648db3e40f8162046f4ec.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 3d9207a7887f40927afae76998a27d15021bac62e0b648db3e40f8162046f4ec.exe
Resource: win10v2004-20220414-en
Malware Config
Extracted
lokibot
http://getupandcboz.com/amb/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Score: 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext