General
-
Target
9563b875875d225a4d48fc1ab3903a00544f741bfd215a982f95a124580f8e03.exe
-
Size
260KB
-
Sample
241124-grsxaaxlcz
-
MD5
1d82afbf80765ea9992c8a9119dd3a65
-
SHA1
fdb516c18c21f3cb9f2a63f639ff03719374aa7b
-
SHA256
9563b875875d225a4d48fc1ab3903a00544f741bfd215a982f95a124580f8e03
-
SHA512
42a4d582a50a1e1be25b09f7a7976da45e95ab4ceccf64ef2ea18b6320b30d48c7fe63cb3023b74da59a476a6a06e5d14999559f94856b462590c132860bbd9c
-
SSDEEP
6144:cnhyn+X8BezX321bKbGrdXso/eIADG8elj:chynmcez21mnHxD4
Static task
static1
Behavioral task
behavioral1
Sample
9563b875875d225a4d48fc1ab3903a00544f741bfd215a982f95a124580f8e03.exe
Resource
win7-20240903-en
Malware Config
Extracted
lokibot
http://63.250.40.204/~wpdemo/file.php?search=386869
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
9563b875875d225a4d48fc1ab3903a00544f741bfd215a982f95a124580f8e03.exe
-
Size
260KB
-
MD5
1d82afbf80765ea9992c8a9119dd3a65
-
SHA1
fdb516c18c21f3cb9f2a63f639ff03719374aa7b
-
SHA256
9563b875875d225a4d48fc1ab3903a00544f741bfd215a982f95a124580f8e03
-
SHA512
42a4d582a50a1e1be25b09f7a7976da45e95ab4ceccf64ef2ea18b6320b30d48c7fe63cb3023b74da59a476a6a06e5d14999559f94856b462590c132860bbd9c
-
SSDEEP
6144:cnhyn+X8BezX321bKbGrdXso/eIADG8elj:chynmcez21mnHxD4
-
Lokibot family
-
Accesses Microsoft Outlook profiles
-