General
Target
ad92825e2bc4dc8a0402385e1fa515e2
Size
1.2MB
Sample
240229-d16b7acc4w
MD5
ad92825e2bc4dc8a0402385e1fa515e2
SHA1
8856b18cd5b5c597625c6a4197c764994fe6881d
SHA256
04890f9df740295564e37e6a458fc43f1e9ac7d5a038514cf25510474356b4a8
SHA512
6dae4730e9c864e572dea4606b3dcf87ec18f089106539bd964bd644b366283fd7acd71e169b8c773e9a0466b746525e93b0d1685889fc5d5d6e8e469001063f
SSDEEP
24576:tdkblhBJO62Woxe3PNTa631TPHHD89w05o:td41s62WeOTHjOo
Static task
static1
Behavioral task
behavioral1
Sample
ad92825e2bc4dc8a0402385e1fa515e2.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ad92825e2bc4dc8a0402385e1fa515e2.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
lokibot
http://kossa.xyz/kl/vz/ri.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
ad92825e2bc4dc8a0402385e1fa515e2
Score
10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext