cZI4g6MVyFrAaaS[.]exe | Triage

Submit
Reports

Overview

overview

Static

static

1

cZI4g6MVyFrAaaS.exe

windows7-x64

cZI4g6MVyFrAaaS.exe

windows10-2004-x64

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

cZI4g6MVyFrAaaS.exe

Resource

win7-20230220-en

lokibot collection spyware stealer trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

cZI4g6MVyFrAaaS.exe

Resource

win10v2004-20230220-en

lokibot collection spyware stealer trojan

windows10-2004-x64

9 signatures

150 seconds

General

Target

cZI4g6MVyFrAaaS.exe
Size

720KB
MD5

cef8817f7191e334237f0a967fddc624
SHA1

26ea81d3dea973f4744c0ff1ab355b6e9d85872f
SHA256

11b8ec17c90add99a6e717e3f90640dcbfef63c3b4185c872caea70841bd74f2
SHA512

8057ccb69d1afba9006d5b767b801193311edb97afb7f3b6f994a4d415fb63baa25178623a9d9c3b9cac0929258c1eb2553a16ba66c6fa4605cd6f0fb069012a
SSDEEP

12288:d6SKdJVZz5dlkJcr62F3bcE+ff0dPx0t1hp4ZGyjgJlOmP:g1VZ9vs2F3bxXdPStLuZfaO

Score

1^/10

Malware Config

Signatures

Files

cZI4g6MVyFrAaaS.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 714KB - Virtual size: 714KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy