General
Target: SecuriteInfo.com.Win32.CrypterX-gen.15258.5029.exe
Size: 815KB
Sample: 221129-llhxcafh89
MD5: 6e3115cf850b37dfa16ec22905380658
SHA1: ccf8206f8b89fcaa000a287100efa07b7aa69508
SHA256: 4fc2317b486fba4344c5bf983c138ec30821715652f9b414ccac6c9e262ac831
SHA512: 8ef79115f44ebb87672ee36cdd2c42e0d0883963c2b7e472ae7c125455988860d21cfa27301928e360610c9c73926dfd203f86c8b36e0d33846da7944e77ee4c
SSDEEP: 12288:t/DYqU+MDdzoa1cfNhZV9drQVN6gkZnM7BKd/BHtJFgxjs6SEu0KR:tDUDdEPf1VjrEN6gkWV8/57Fg4N0Y
Static task: static1
Behavioral task: behavioral1
Sample: SecuriteInfo.com.Win32.CrypterX-gen.15258.5029.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: SecuriteInfo.com.Win32.CrypterX-gen.15258.5029.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
lokibot
http://sempersim.su/gm10/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: SecuriteInfo.com.Win32.CrypterX-gen.15258.5029.exe
Score 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext