General
Target
3be535aecb8c0acf229f5f0cf0801def7b89309ea38be1a25d79e9902b68e265
Size
516KB
Sample
220703-k9rzgsfef2
MD5
fc783cdba851b83e63f3b2e1c841e656
SHA1
94a3b3dae74b79fab03aa443064a2164927e833e
SHA256
3be535aecb8c0acf229f5f0cf0801def7b89309ea38be1a25d79e9902b68e265
SHA512
12ee1d000010964063efecb5952191049ce8592c9ce12e1be818a416d8f4d8dd04f29081a88c578f38fd0fa1b9f8545e7ef2855daf4c222e659ebfa04a3a3466
Static task
static1
Behavioral task
behavioral1
Sample
3be535aecb8c0acf229f5f0cf0801def7b89309ea38be1a25d79e9902b68e265.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3be535aecb8c0acf229f5f0cf0801def7b89309ea38be1a25d79e9902b68e265.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
lokibot
http://bibigreatz.com/mornings/panel/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
3be535aecb8c0acf229f5f0cf0801def7b89309ea38be1a25d79e9902b68e265
Score
10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext