General
-
Target
2024-11-22_d4fd543dd220462dc2ebe5652b9f6602_mafia
-
Size
1.3MB
-
Sample
241122-3dendssjhs
-
MD5
d4fd543dd220462dc2ebe5652b9f6602
-
SHA1
bf8b5684532568c1a22aeb24cf726c1f67f940fa
-
SHA256
2739e24e27270aa7ceca0f2a6938af9beadb6673c6e68f0ba8ce0bfe99f3b44c
-
SHA512
d0a8fb4ef543b5a8dd3f4cebe96fb3dc68c5d8f466f67015d4e0ab5c5534866856a0c95c93f4babeabafc5cafc323a8188f613e63ad0376c8e50b28d18913eb4
-
SSDEEP
24576:697ZlobAtl4Yz1o/qhgqpQs4PG0xZ4siUaUO/73JqEHBXdtowCER3v7DA2:697+Atl9Zo/B74RUaUaFnBXdtowXnV
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-22_d4fd543dd220462dc2ebe5652b9f6602_mafia.exe
Resource
win7-20240903-en
Malware Config
Extracted
lokibot
https://just-in-timelog.com/LoT/Panel/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
2024-11-22_d4fd543dd220462dc2ebe5652b9f6602_mafia
-
Size
1.3MB
-
MD5
d4fd543dd220462dc2ebe5652b9f6602
-
SHA1
bf8b5684532568c1a22aeb24cf726c1f67f940fa
-
SHA256
2739e24e27270aa7ceca0f2a6938af9beadb6673c6e68f0ba8ce0bfe99f3b44c
-
SHA512
d0a8fb4ef543b5a8dd3f4cebe96fb3dc68c5d8f466f67015d4e0ab5c5534866856a0c95c93f4babeabafc5cafc323a8188f613e63ad0376c8e50b28d18913eb4
-
SSDEEP
24576:697ZlobAtl4Yz1o/qhgqpQs4PG0xZ4siUaUO/73JqEHBXdtowCER3v7DA2:697+Atl9Zo/B74RUaUaFnBXdtowXnV
-
Lokibot family
-
Accesses Microsoft Outlook profiles
-