General
-
Target
SecuriteInfo.com.Trojan.Packed2.44597.21015.23374.exe
-
Size
568KB
-
Sample
221126-a474eadd9v
-
MD5
0cfde2328176e3db7ec219783a91bc99
-
SHA1
b8e05f1cc9f6b1d08395fc95f39239c17fb11f2b
-
SHA256
7a102930b27f3cf8f63622678ffcd5e8132aeecaff274ad98e67571e1c19ee90
-
SHA512
8228d8a0d2338b8afbcc0e965e5ac1e08d1f18f4f9b3b5636f00d369d5ca3e2cf72f5f815d9d4f8743a3238d24a867c9b78a76e8d117e746d53345b4e9c91677
-
SSDEEP
12288:BavIZxD7RP5IsZPbLj6LmWZK5bRAfOIiKXAjV9X1hV7Ju3iTBImg:BavTcbLm1KA2Ii39XtT
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.Packed2.44597.21015.23374.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.Packed2.44597.21015.23374.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
lokibot
http://sempersim.su/gl22/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
SecuriteInfo.com.Trojan.Packed2.44597.21015.23374.exe
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-