General
-
Target
adf92429a79ead247d654690cc9041ee
-
Size
692KB
-
Sample
240229-hwhsjshh95
-
MD5
adf92429a79ead247d654690cc9041ee
-
SHA1
b34feeec89c5652a3c19b11ff8e9c1f558ed798b
-
SHA256
e87bcea0f463cfd3ded9b691a6deaa8fc4fee6f0802e981f3da438d475dc5b11
-
SHA512
6feef56de1d70d83e01640e6d54ab4322947ee91559498ec7d3195eb50a8a766257f41a7f519cf8cbd08d559bd88ec009598821fbcd30b1f7feedc23daf8fe9d
-
SSDEEP
12288:SBn0RN617gNm5YnXDdRgMVahjLySXJGrwXhHjRlutLMyn6ah3SlTfKCbmv3j:SBn0RNlDdRg6axmSgkXhD6ZMmSpKCbm7
Static task
static1
Behavioral task
behavioral1
Sample
adf92429a79ead247d654690cc9041ee.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
adf92429a79ead247d654690cc9041ee.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
lokibot
http://ctp1.xyz/w2/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
adf92429a79ead247d654690cc9041ee
-
Size
692KB
-
MD5
adf92429a79ead247d654690cc9041ee
-
SHA1
b34feeec89c5652a3c19b11ff8e9c1f558ed798b
-
SHA256
e87bcea0f463cfd3ded9b691a6deaa8fc4fee6f0802e981f3da438d475dc5b11
-
SHA512
6feef56de1d70d83e01640e6d54ab4322947ee91559498ec7d3195eb50a8a766257f41a7f519cf8cbd08d559bd88ec009598821fbcd30b1f7feedc23daf8fe9d
-
SSDEEP
12288:SBn0RN617gNm5YnXDdRgMVahjLySXJGrwXhHjRlutLMyn6ah3SlTfKCbmv3j:SBn0RNlDdRg6axmSgkXhD6ZMmSpKCbm7
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-