General
-
Target
75810d481132b97e8f2f43404e06b9bc5b66477856c078c7f39469e0b729d3f5
-
Size
634KB
-
Sample
230126-2r7qnaff96
-
MD5
f00ea81c7788a439ff28bdc395985518
-
SHA1
637f8d7a5b9d2dc39ca792eb174d85581a8ab201
-
SHA256
75810d481132b97e8f2f43404e06b9bc5b66477856c078c7f39469e0b729d3f5
-
SHA512
c7e265c04563a354852bdabdfe7d86579eb3fdbfed2118e2da11264c379b165550af171ed4e8bd213be9682ed6a1a01cd74543e485f3a04b237cb70c59c6afec
-
SSDEEP
12288:qEm1w1gzs43BFjCfuXdm4SgI0HD+Vrx+R8wG2ZghcoZO67P5x6q5FqIG:q3RXYcjj+VrOBdDoZO6tx9FG
Static task
static1
Behavioral task
behavioral1
Sample
75810d481132b97e8f2f43404e06b9bc5b66477856c078c7f39469e0b729d3f5.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
lokibot
http://171.22.30.147/kelly/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
75810d481132b97e8f2f43404e06b9bc5b66477856c078c7f39469e0b729d3f5
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-