General
-
Target
UNAM463MX5694.exe
-
Size
864KB
-
Sample
221005-shaj5aefe6
-
MD5
7d138abf1c52a9a83c10beb3a280c97a
-
SHA1
b4faddfefe4a1505c7b98390a91860316358774b
-
SHA256
74e53af9391a576f9ab4cc6182f51514946d4e7c41db02ea8927c6f5bb0ca54d
-
SHA512
bebf48963263650851c349d0c2e81fac315b432caec478718d2ee43e12bff9e477f8211a589484de9c12a0d2bba5d319a5ec986d03661f312bc2b2221cb61564
-
SSDEEP
12288:3JUc2iNPR/4veraoKvYfcVBEjR5rlHB1Xm+P7RYNKnpRrjySYuYy6Oof:3H1v4verLKwfcQ9/H3vkKpRyf
Static task
static1
Behavioral task
behavioral1
Sample
UNAM463MX5694.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
UNAM463MX5694.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
lokibot
http://162.0.223.13/?08fequikdahgueq78uc
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
UNAM463MX5694.exe
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-