General
-
Target
0c54fd3a046b8cc613dbb2d9bf898855062ff126e1a68b50115e19ea46da8779
-
Size
658KB
-
Sample
220930-tqflsafadj
-
MD5
6ceb2d9a052e93d24796de4052eb7cfa
-
SHA1
d85c5f925531e95f9e433a2e5c188f4be02daff4
-
SHA256
0c54fd3a046b8cc613dbb2d9bf898855062ff126e1a68b50115e19ea46da8779
-
SHA512
47ab8f952295adef7b0de17007fd2922af9015aa11e9d4b4b9a34c9901e85169d8ad43797261090383aab4024dd981a7d9d81e07e32de98e29a0565f9c666d8c
-
SSDEEP
12288:JHokkGoYMr0FIqAegqJwBws2d6GV89MA2YO:6PGoYgqiw58DyvYO
Static task
static1
Behavioral task
behavioral1
Sample
0c54fd3a046b8cc613dbb2d9bf898855062ff126e1a68b50115e19ea46da8779.exe
Resource
win10-20220812-en
Malware Config
Extracted
lokibot
http://208.67.105.161/donstan/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
Target
0c54fd3a046b8cc613dbb2d9bf898855062ff126e1a68b50115e19ea46da8779
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-