General
Target
SCTR11670000pdf.exe
Size
590KB
Sample
240417-ggab7agf81
MD5
a9d25742936345bea8b04ccea8d734a6
SHA1
3095759333963b09c097ba18832cdc1485518964
SHA256
79879e8ec6748d39187201ab487066c6376fb1470acb7fc549cef32e4bf87415
SHA512
14b8ff4a4d4713fc12db50bfa07d5acc60d9f6204b4d156cbdf51b1e636a7669c59dd6202cfba8ab104bb5cdabab66b44e60105b15071d96e9cee3de202eefa3
SSDEEP
12288:/GL21ILyzQ2cWjoIN7khkqPiFKzuZ3q928rW2A2arldVKOOkJAS1gkR:uL21ILyzQrAykqWTZ3q9frW2A2ar3VKi
Static task
static1
Behavioral task
behavioral1
Sample
SCTR11670000pdf.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
SCTR11670000pdf.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
lokibot
http://136.244.109.75/index.php/690877741063
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
SCTR11670000pdf.exe
Score 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext