General
-
Target
MKiN8877.exe
-
Size
183KB
-
Sample
240426-r4axcaef2s
-
MD5
024723edea08710b53fae828c62747a4
-
SHA1
8b9f285a479f477189afbbf16c7c0a16ef5725a5
-
SHA256
656fe7b8c0235991ef9bd95b8f3daec829d515cdf8f6780acd52d232f6f073f2
-
SHA512
125e1340f3873ef5e5a4ce695b95a94de577885d90decd32cd77edcd7a5261acd2f1e2a460410194c2bcf1ca645732ddd9b7960d655b1fe150348c27a13af57c
-
SSDEEP
1536:BepAY1c9wqvnAv77vvvvv7vvvvvvv7vvvvv64+mhhhm+DtqOgA:y+9wqY+mhhhmitqOH
Static task
static1
Behavioral task
behavioral1
Sample
MKiN8877.exe
Resource
win10-20240404-en
Behavioral task
behavioral2
Sample
MKiN8877.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
lokibot
http://tampabayllc.top/teamb/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
MKiN8877.exe
-
Size
183KB
-
MD5
024723edea08710b53fae828c62747a4
-
SHA1
8b9f285a479f477189afbbf16c7c0a16ef5725a5
-
SHA256
656fe7b8c0235991ef9bd95b8f3daec829d515cdf8f6780acd52d232f6f073f2
-
SHA512
125e1340f3873ef5e5a4ce695b95a94de577885d90decd32cd77edcd7a5261acd2f1e2a460410194c2bcf1ca645732ddd9b7960d655b1fe150348c27a13af57c
-
SSDEEP
1536:BepAY1c9wqvnAv77vvvvv7vvvvvvv7vvvvv64+mhhhm+DtqOgA:y+9wqY+mhhhmitqOH
Score10/10-
Downloads MZ/PE file
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-