General
-
Target
b412a5034fe0386f138c5e9064643d17
-
Size
573KB
-
Sample
240305-hrc2hahb7z
-
MD5
b412a5034fe0386f138c5e9064643d17
-
SHA1
f97d5ac514730939461919721535c94468787839
-
SHA256
38fa7af4a9c0cb9102017ef9b666fa74604f6d54416575f59db506106941b85d
-
SHA512
1def2e2b5f6aded13c8c9f0f568dcae27f77bdc6951a378fef78d524cfdb3c6dadd8f2fdf314ffac319e72077ccd30fb3dd668569bc1e1e9be50b1d63ef05b01
-
SSDEEP
12288:HraOH7BLOn7AZId3pVzVz9t2qxA9pCOAE5xoG:LRVL27O6ZlTtH8pxAQxR
Static task
static1
Behavioral task
behavioral1
Sample
b412a5034fe0386f138c5e9064643d17.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b412a5034fe0386f138c5e9064643d17.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
lokibot
https://pakilogs2020.xyz/t/e/ff.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
b412a5034fe0386f138c5e9064643d17
-
Score
10/10
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-