General
Target: 1122200567.exe
Size: 847KB
Sample: 230128-tegppsfc76
MD5: af1d82ddc77d092be0ce90590eeeec92
SHA1: 8ddc25499d6e6bf6841a5494011a99480cebcf00
SHA256: 1cd771d7ce1ada72b26d9fba9b689c7847b1cc501fdb0b80ec97e7a9f7fadf0a
SHA512: 3fb26b8cca415911b27615d88bba5248408b649e44dd82cdad342509a2abcd916b8bbfbdfa2b7b03132aa5295e2d3a7b24006d664fbf4f5b08c7c1f80c6187a2
SSDEEP: 12288:YE6GaMzrAP8Is5Zz4p71LN6V201Yc31MFhRTmZbk53jY08b9oO:YE64AP8Xkpx031Md
Static task: static1
Behavioral task: behavioral1
Sample: 1122200567.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 1122200567.exe
Resource: win10v2004-20221111-en
Malware Config
Extracted
lokibot
http://208.67.105.148/health1/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: 1122200567.exe
Score: 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext