General
-
Target
d12761c635cb3799be45ab5c2df206aa.bin
-
Size
497KB
-
Sample
240420-b73tjadc87
-
MD5
9468728a189a1efd2a069ef1eb503571
-
SHA1
8be67584afd6fe8614156b1e9c614b2db145ef44
-
SHA256
3540e313988762aa9cc4bcbacc9e6f214986d66f621d5faebe0b5da8ad5ee723
-
SHA512
b9809f0dd151cfb0b2fbf7dc5254f5f48d5ad7a692e718845de4230b60fa2366b97d4445d5f68c35283fffcb59ac02db85f5760b0b903b0fdf97e97c09899fb7
-
SSDEEP
12288:6FjfoPdgh8hKxxhgLPphUrwSK/5aj2abXjkp/F:uI+8oxjWPphyKhajhXS/F
Static task
static1
Behavioral task
behavioral1
Sample
FedEx_AWB#53023114643.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
FedEx_AWB#53023114643.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
lokibot
http://24.199.107.111/index.php/0672554332862
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
FedEx_AWB#53023114643.exe
-
Size
558KB
-
MD5
748f2d7afc9aab8fbd553c5b07c0ec5f
-
SHA1
f92418c15a463d6201b32821ee9ef653db4a8600
-
SHA256
99f0f330f7fafcc28267cc425f1d62ebf2a1604cd1843adec3a63e6631044d14
-
SHA512
d9ceb997622ef2cff0ccb1613326bfe2efd22a1e0dc7e08fab04cf87a34290a3f1140219a461d727e8d9f9157d2c6793c2b07a30b8bbd5beb61228b5cdd996da
-
SSDEEP
12288:nnUqvDQpIa40jkkT/lGrrH4GF3rUz9dKgXFZuz3kR:nFD8Iam7rHDezKgXqi
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-