General
-
Target
bd14c764ee43bda58dca34b77c472f95
-
Size
1.0MB
-
Sample
240309-3ep6hsdg83
-
MD5
bd14c764ee43bda58dca34b77c472f95
-
SHA1
d48dfaf46a710a70f09af8eaa3b5857b2ed61b16
-
SHA256
79142fe47b6634871d61167369e050665c4ee7f868b066510bd64c171cef8525
-
SHA512
85c1c34a6676fcbf11be8261903fcfa494dbdebe349699bb42e918b7cd6b33a787048ed6f1670a047e2a27f6286d14a5fa48ceb83787545f2b15c0ccac3e54e0
-
SSDEEP
12288:eTVeKoHZwuKkZJo6dj1Uy3o6XlWzx7AnyaUVKnp:fTHSdk3o6dj1Z3o2WxHahp
Static task
static1
Behavioral task
behavioral1
Sample
bd14c764ee43bda58dca34b77c472f95.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
bd14c764ee43bda58dca34b77c472f95.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
lokibot
http://manvim.co/fd5/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
bd14c764ee43bda58dca34b77c472f95
-
Size
1.0MB
-
MD5
bd14c764ee43bda58dca34b77c472f95
-
SHA1
d48dfaf46a710a70f09af8eaa3b5857b2ed61b16
-
SHA256
79142fe47b6634871d61167369e050665c4ee7f868b066510bd64c171cef8525
-
SHA512
85c1c34a6676fcbf11be8261903fcfa494dbdebe349699bb42e918b7cd6b33a787048ed6f1670a047e2a27f6286d14a5fa48ceb83787545f2b15c0ccac3e54e0
-
SSDEEP
12288:eTVeKoHZwuKkZJo6dj1Uy3o6XlWzx7AnyaUVKnp:fTHSdk3o6dj1Z3o2WxHahp
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-