General
Target: 179456F7D77CF8B5D90CE2AF2CAA8183E372BEBF53AE3.exe
Size: 239KB
Sample: 230130-ztvsrsed6s
MD5: 3dc2fc6de51eab19a01e2454b1e2722d
SHA1: c479ca87e368bca18cfd5fbae1708eb3ffc5a282
SHA256: 179456f7d77cf8b5d90ce2af2caa8183e372bebf53ae3e244f099f7067ae3570
SHA512: d8f136a06ffa18ea46f7ef387d322e904ae197fb0ad8190cd10b28903c8a2bebad5a616d0e4e676a36f76fb0a3e449719776c130e434e2e3ad3b90abe154c91c
SSDEEP: 6144:mZa6ALpj3U4r7FLbTaccjyvHF+tsMZabESHPAaV:Ka1uALHab2d+tsMUbdv
Static task: static1
Behavioral task: behavioral1
Sample: 179456F7D77CF8B5D90CE2AF2CAA8183E372BEBF53AE3.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 179456F7D77CF8B5D90CE2AF2CAA8183E372BEBF53AE3.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
lokibot
http://31.220.40.22/~lahtipre/lenzman/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: 179456F7D77CF8B5D90CE2AF2CAA8183E372BEBF53AE3.exe
Score: 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext