General
Target
3c665268a5f617571c9ca1b77daf03b08e17163b409aa2f5540ec6ac1161b415
Size
1.1MB
Sample
220703-je699aafbj
MD5
c27be193813e2c3b79024fcfa93bd6e9
SHA1
3e63e7426c6543e0f14bdc9746e25b78b27c9da7
SHA256
3c665268a5f617571c9ca1b77daf03b08e17163b409aa2f5540ec6ac1161b415
SHA512
ebe7af77ef7b9cc2d6c3b8df36fb66aa5aa4319e64d3e06508045398a8440b63cd35d69ffd88e198f30dfa6db13e6545ada93cd0fcec008488c481458234e3d4
Static task
static1
Behavioral task
behavioral1
Sample
3c665268a5f617571c9ca1b77daf03b08e17163b409aa2f5540ec6ac1161b415.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3c665268a5f617571c9ca1b77daf03b08e17163b409aa2f5540ec6ac1161b415.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
lokibot
http://lidgeys.ru/buch-l/fred.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
3c665268a5f617571c9ca1b77daf03b08e17163b409aa2f5540ec6ac1161b415
Score
10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext