General
-
Target
3c285fea2389acdfd36a0b235f701aef5e03629838b401db8197830bce1aa7e1
-
Size
753KB
-
Sample
220703-kbqzjabhfr
-
MD5
934f5d55869362d924c51b0e2e8c6c66
-
SHA1
564fe94f15ef1c9d5fc245f702e5f8d029ae9a3c
-
SHA256
3c285fea2389acdfd36a0b235f701aef5e03629838b401db8197830bce1aa7e1
-
SHA512
b29563682eb09174246eae5da72e17bcc4668817c6bb55bf5d5a535ab4a08d72574cb29ce7266953ccd600b225ba84c6c7c1c6f8d1be58ef0cf8f8c36147c05a
Static task
static1
Behavioral task
behavioral1
Sample
3c285fea2389acdfd36a0b235f701aef5e03629838b401db8197830bce1aa7e1.exe
Resource
win7-20220414-en
Malware Config
Extracted
lokibot
http://www.dreadtraders.tk/szdfds/Panel/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
3c285fea2389acdfd36a0b235f701aef5e03629838b401db8197830bce1aa7e1
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-