General
-
Target
SecuriteInfo.com.Trojan.MSIL.LokiBot.RPS.MTB.10978.4642.exe
-
Size
850KB
-
Sample
221012-emxzbscda8
-
MD5
563e92482225cccdf613e99a5e9c5878
-
SHA1
19cdb164b288f7eeb0573085dd0618181c7ba19c
-
SHA256
62d20f5ce8950e995b0736bb3bafedb34f3b7d95f190b3a0a1592d808f697cac
-
SHA512
c571e069330a3ee8d25ea9ccb4e53de580288e40258e108d7c0ebcef7cbcc58df851366c6f8a4fdb64389fe1ec6478973a72e15fc6f0fe7f784d083497fe6b47
-
SSDEEP
12288:dp/HG5izZHPnmxRhsonwF4ZwPSS2v77j1I1N7Zd:nZHPmvhsk2D875I1N7
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.MSIL.LokiBot.RPS.MTB.10978.4642.exe
Resource
win7-20220812-en
Malware Config
Extracted
formbook
mmtr
A2DZqKcj5ytLVZtHJA==
fMXPWQG+JWa0S6lZOg==
8kymMDxB6ShVJHxu2gshFtXY9Rw=
1TcOF6WxcdzplqFGcUCNkBY=
k3TLhZ+bOG7ahplcPA==
K4kL5Aq5abHNS6lZOg==
mXDSo9XmxlqYN6psOA==
m+RNCVT4shAb
G1kzROn+2jCug7F5psQ=
qNYsJkWzqwkZ
0BcDQuH0xt4oBh4=
pfRW4ZhmRsEiyvP2Mg==
Sqgj4eztyCg0Ezwo39iHXQ==
bIi2etJbcdUB
k2g3gBesND9hUoKOzGaVFKX6IuUaknqH1Q==
8dFDXQPnb4s+sWfhwoqOdgmABBK+YGg=
Pn9PmDzelx84EjfdzY0WkiRPz6i4
SrUfvOfNO3DMdLvB
GFXHQ9NuPdHsxOiU2umGMSiTvQE=
Kv9sdrhSbDfMdLvB
0BP6SMdfZe0=
Fl9YrjrsY3yPcZsGJL5KQg==
OBVr6FSzqwkZ
UJeO5oYq0kJjHBfB50vi3aAnkQ==
ImHJSjymU8oQ
4jEWBDVCEW+ZlcN0KN3v
eMoitt7JSH2HaKx0KN3v
C2vSbJSqetPuq7F0KN3v
gWcoOtbjvU68b6bD
XL2ZjKRp8z1lF2T+0sw=
6y35AIdp+O+H1wobLQ==
Q9ZKFkouoNP1we60LMDl
9ltHTW0GzWapec1LJNjxSlOm7a+w
l7d4+LOXM3782go=
URUNnUgWrMfKjYddTQgPDdXY9Rw=
VJmoBI1S5f8cz1gnIw==
wKv5b/utK22seZUGJL5KQg==
xAfW2nN9X1V3cbhmCTk7RQ==
EVvqxNyaHXjBV77HDdM=
Dl2X3ndBIm2yM6ZRa8NLQA==
f9Z59IKzkA8O
E2NpxIazkA8O
xyMcaBMp1xQrLW0hWjKbDc5N
OY4M4fO7lOAEAjX3Kkp67LUjRwcsknqH1Q==
OYtqhgPf7DtlGh4=
ermg8HUcmuT5psNphdl+eAs=
Im/HTEZA4g4RqykeWFfm
7T23dIBqJX/MdLvB
6dFHFhDOte5NDB0=
I3Ngq11D/Ov61AA=
SqP4dW1lC+5NDB0=
yJ+qP/TCnAwW8kY3RQmpW3qmmQ==
UbWlxHCQV8/y2w8RauxeQgE=
0KOF1JwhrdAR
BF/jpcXPi7UVEGAUL69WSg==
HHdwwksTqcvm1A/AqGf60qXcIGoVYBRm3Q==
i1nDz1teN88V8R/kwkCNkBY=
rPVY6PjqshMt7RLKwW+I3rbvOg8uknqH1Q==
/2TrwPD7kcrxueftLvIXcCVx/b+/7Rfx
+U7WpMmsOY69prx8XAKfW3qmmQ==
aWcsXqQ9SrvAS6lZOg==
/OHzgirgSoOzpePqTiyAfg8=
2CoQYwO+LZjJteblFLOeOtJQ
xUN4AJdF7Osp9g==
vendingmachinesltd.com
Targets
-
-
Target
SecuriteInfo.com.Trojan.MSIL.LokiBot.RPS.MTB.10978.4642.exe
-
Size
850KB
-
MD5
563e92482225cccdf613e99a5e9c5878
-
SHA1
19cdb164b288f7eeb0573085dd0618181c7ba19c
-
SHA256
62d20f5ce8950e995b0736bb3bafedb34f3b7d95f190b3a0a1592d808f697cac
-
SHA512
c571e069330a3ee8d25ea9ccb4e53de580288e40258e108d7c0ebcef7cbcc58df851366c6f8a4fdb64389fe1ec6478973a72e15fc6f0fe7f784d083497fe6b47
-
SSDEEP
12288:dp/HG5izZHPnmxRhsonwF4ZwPSS2v77j1I1N7Zd:nZHPmvhsk2D875I1N7
-
Suspicious use of SetThreadContext
-