General
Target
Reference Image.ace.exe
Size
774KB
Sample
221005-nfzn1sebf6
MD5
e9cf218af0dbaf1f3af0c3956e25cf4b
SHA1
d4a06df8aec6f59bd3c9cbf99e65787bc4cf9d65
SHA256
824dc523519e32a1f6c4101ade887b5464d6f11c5226441fe18dae17e8e34ce9
SHA512
4f325bcfb7643d9b2b4a179684de8ea0c1bdd31a44cb60acf31b6f761d151df5cc44e62689cc0afedda2e997122e6489a1017bb63361140b202d3f54caa40f57
SSDEEP
12288:YR/4vejpuBdbU6382ykQpBjIpuWwoBB4y9zGBr:S4ve2U6382ykGjMuErk
Static task
static1
Behavioral task
behavioral1
Sample
Reference Image.ace.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
Reference Image.ace.exe
Resource
win10v2004-20220901-en
Malware Config
Extracted
lokibot
http://ebelk.us/last/luck/azmxxp.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
Reference Image.ace.exe
Score
10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext