General
-
Target
7ac72155fb1e764a891e9a2ff3380e0b.bin
-
Size
351KB
-
Sample
240229-bz8d2sae63
-
MD5
7ac72155fb1e764a891e9a2ff3380e0b
-
SHA1
57c30aa53510b1a1ea0708a6cfd55f56c30b41c3
-
SHA256
42e8dfe8e7bee58801b95bbc3b7535ef593554851023a002b178a992b59e13b8
-
SHA512
24c8ae4d903f22d0242c98e786502d89b39b1ae441ac5667294cc45e9d00c8d1ccf31f9775da6a46f4631182a6b457397654dc7a4b669ad412935f3cb8179c5a
-
SSDEEP
6144:GpbTkGlAILnvfNM1CA5BoRlIB0SEdIe1irq13S98tPHPwzu6cI2g/S07SYzMHXI:GCGlAqnvfNM15YRlI8ErqM2vwzAI2g/h
Static task
static1
Behavioral task
behavioral1
Sample
7ac72155fb1e764a891e9a2ff3380e0b.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
7ac72155fb1e764a891e9a2ff3380e0b.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
lokibot
http://91.92.252.146:8008/aioy/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
7ac72155fb1e764a891e9a2ff3380e0b.bin
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-