General
-
Target
3454a09f4f2947a44dbcf91f7aa0714f.bin
-
Size
477KB
-
Sample
240529-b7fzrsec92
-
MD5
ff9a567e05459721cc47b388724a9b7f
-
SHA1
966b559f7d3f5e002f3164aab38ef66924ddca85
-
SHA256
2cfea18aa895ddc7d528ff3cee118f793c3f799454f555cb117cf12bd1a474ab
-
SHA512
9ef5b4c7da86fc252df55566be4c63bf81b0661e08b0e1d7cc3e30b1e5a75a57f35062814b1cd04a1cd153bb14f854937bfb963dffeeffc47127f30f08096317
-
SSDEEP
12288:QdnqeIDWaDOGSWf8+eSvrzhUFoZA96OcUNzuk0/:QdnzYOGXfZj8Wc6OH1XQ
Static task
static1
Behavioral task
behavioral1
Sample
DHL Receipt_20458077822.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
DHL Receipt_20458077822.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
lokibot
http://45.61.137.215/index.php/t?id=090
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
DHL Receipt_20458077822.exe
-
Size
515KB
-
MD5
fc82dd607bf8069ac0defcc1cb8d6b38
-
SHA1
e4e8ffe86a95150190ea0984a6258def94baf231
-
SHA256
6695845ad86f868589cb2863793a6ede2e84d37ae5aeb9e879e027572d25d8fe
-
SHA512
a944548df6c16d6f84a7b49994004e408fb0c9b7a4fed4c2a1a7ea911d549377e4bf3a07552aff262fc198697f5c88f58611c0a7e0a3d1ea4c5b38de69327d53
-
SSDEEP
12288:QuJrYCFd6xtcceSvQmT4REB7PNHdXal7HZsIbHa3dkR:L81xa6vB7jXaAIzGA
Score10/10-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-