General
Target: AWB# 100235516763.rar
Size: 539KB
Sample: 230605-pej3lsha5x
MD5: 705370a47237ceb76050c82413b65983
SHA1: a5d2d0b1af000e9701ac8ed6cdccd1487bded7aa
SHA256: b160f54460c7e1da671a8877d356b7eff0b78cf6cf5764fe2031643b17888e96
SHA512: ee9ce2faa760a8b570abc5fa0a13a3d59fa2d4b6f35dc3c02bc2eeb1ae3a31c9e878cbcb9f61e6b03e7d32365726ccd65cb273d5d3d4c9eb26954e4c7baa492d
SSDEEP: 12288:Z38mEH/3jalc6zBt6Rslz15uM5+jVfylqKnfUUGpUHoCJ0b:MH/Zut15uUukl/8UlKb
Static task: static1
Behavioral task: behavioral1
Sample: AWB# 100235516763.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: AWB# 100235516763.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
lokibot
http://161.35.102.56/~nikol/?p=7398172063
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: AWB# 100235516763.exe
Size: 946KB
MD5: af2184e237516f1739c5a7a943e4f1d6
SHA1: cf68814227d303671ef840343288424bccf4fe8e
SHA256: da1b01c8640f0b85d3ca31e501c94fdb857fbb377ce709403262be33f3378ac3
SHA512: 668e84608a6b0e3cc9f1a19b334235e90b4a69c1274e05f09536d3fe769279d71545bb1e024a4fc90efac344182bc39dc7155b48b5349b7705f10110e64c1ec3
SSDEEP: 12288:3d0qtROGwv0YKnAaBTHc7VjGrR+4bfWhSX72WOuHGUsAbHy2kkvqZ:LwiAwc5x4stWYUpHhkk
Score: 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext