General
-
Target
78e5d7d0502977044109013b3946c9e65c4b96771b2e23c159db32499f08781b
-
Size
632KB
-
Sample
230124-lh6t1abh7w
-
MD5
36a48cae5b7e408a7ead52d27faf0a05
-
SHA1
fe33d94bd5fb22392843db28d30b603d9bac409c
-
SHA256
78e5d7d0502977044109013b3946c9e65c4b96771b2e23c159db32499f08781b
-
SHA512
f680161bf286fafb487eb7addb6934d883dc506cbd8a9de75cf1d63f52aa2bdbbb844e336da35920efb1c543fdd15b9d30abd7ea39f5d9263419460ab68cf6b4
-
SSDEEP
12288:cKvMtEwcU3gZ+GQzjkATGdsKUu0Fhip+9SDIcSmpxI513KzHwr:c66AAgZbQzlGwu0eDLWKC
Static task
static1
Behavioral task
behavioral1
Sample
78e5d7d0502977044109013b3946c9e65c4b96771b2e23c159db32499f08781b.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
lokibot
http://171.22.30.147/kelly/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
78e5d7d0502977044109013b3946c9e65c4b96771b2e23c159db32499f08781b
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-