General
-
Target
b3572d2bd209610d7ec534e2432d045a
-
Size
523KB
-
Sample
240305-ax4gmshc3s
-
MD5
b3572d2bd209610d7ec534e2432d045a
-
SHA1
6bdcbdf8ba209198fe99d6aa2c92cbac648c182e
-
SHA256
94546fe5e9c7c193a595e0e33a9398b6366509ecbbaaa9351e56c1c668eb4801
-
SHA512
97b738ec2136a23a9b04e0719bb08b89e27a51eb258a7d961000f9fadde301436cb23436e25a822435b4688baa8db5590d8a38adc4ad66ca76e6a51d0a8a26c4
-
SSDEEP
12288:4PkuQpRZkXf3CudLfEiI1bZkdQKC8dGJ2LRXLRY3/4Alh31eJz3v4hPGs:4PkuQpiEiI1lkdQ4dGJ2LRXLRY3/PlhZ
Static task
static1
Behavioral task
behavioral1
Sample
b3572d2bd209610d7ec534e2432d045a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b3572d2bd209610d7ec534e2432d045a.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
lokibot
http://brokenislegion.tk/BN1/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
Target
b3572d2bd209610d7ec534e2432d045a
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-