General
-
Target
d07fd206bfadd24bc7e4939c7b24e098
-
Size
327KB
-
Sample
240317-k8dqgabf4y
-
MD5
d07fd206bfadd24bc7e4939c7b24e098
-
SHA1
e829b677f7231c1cf5d544deb6da1a2b2a5bc5ca
-
SHA256
b236304dad4fcf402b8dddc467038cbaf623284155ccc5671c972f57d238e088
-
SHA512
830ce2014ebbab8b85a6fa2ec459518b13ea4bb151fbefedb39aef1ff3df2e6d6def4a5ffc84213a4e4e17cb1f1cdc1869d95733a84d7bd471a0b555255f512d
-
SSDEEP
6144:zYrf0xh3Hfr5YwuLpVvIssmMsvGOBQ5B+e4RYgcEppaL3hdJKCjRX/:8rf0P3HD5YOs3IspR5cEgxFjN
Static task
static1
Behavioral task
behavioral1
Sample
d07fd206bfadd24bc7e4939c7b24e098.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d07fd206bfadd24bc7e4939c7b24e098.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
lokibot
http://brokenethicalgod.ml/BN11/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
d07fd206bfadd24bc7e4939c7b24e098
-
Size
327KB
-
MD5
d07fd206bfadd24bc7e4939c7b24e098
-
SHA1
e829b677f7231c1cf5d544deb6da1a2b2a5bc5ca
-
SHA256
b236304dad4fcf402b8dddc467038cbaf623284155ccc5671c972f57d238e088
-
SHA512
830ce2014ebbab8b85a6fa2ec459518b13ea4bb151fbefedb39aef1ff3df2e6d6def4a5ffc84213a4e4e17cb1f1cdc1869d95733a84d7bd471a0b555255f512d
-
SSDEEP
6144:zYrf0xh3Hfr5YwuLpVvIssmMsvGOBQ5B+e4RYgcEppaL3hdJKCjRX/:8rf0P3HD5YOs3IspR5cEgxFjN
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-