General
-
Target
7ab9b1c69859f602ff3b58664f229f867a14c8c18773b73835845785ba790639
-
Size
905KB
-
Sample
220725-eazbmadce4
-
MD5
21c48938a76f61ec177a71a7c8643e04
-
SHA1
924e57a542a238f4669976feee7eecc75f776cbb
-
SHA256
7ab9b1c69859f602ff3b58664f229f867a14c8c18773b73835845785ba790639
-
SHA512
f60b2a4a0615f28e75411a83964a0a630552757f543dd4f0c052759fa1c9ed54966e150184970ac352e5fd0744096e9f3ccea495d854eea5187f58b2e93d2cf8
Behavioral task
behavioral1
Sample
7ab9b1c69859f602ff3b58664f229f867a14c8c18773b73835845785ba790639.exe
Resource
win7-20220715-en
Malware Config
Extracted
lokibot
http://198.23.200.241/~power13/.sixnrpq/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
Target
7ab9b1c69859f602ff3b58664f229f867a14c8c18773b73835845785ba790639
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-