5e1967db286d886b87d1ec655559b9af694fc6e002fea3a6c7fd3c6b0b49ea6e | Triage

Submit
Reports

Overview

overview

7

Static

static

flokibot_0...ir.exe

windows7_x64

7

flokibot_0...ir.exe

windows10_x64

7

Sharing

General

Target

flokibot_0.0.0.12.vir
Size

232KB
Sample

200719-krxnjshbh2
MD5

5649e7a200df2fb85ad1fb5a723bef22
SHA1

b057d20122048001850afeca671fd31dbcdd1c76
SHA256

5e1967db286d886b87d1ec655559b9af694fc6e002fea3a6c7fd3c6b0b49ea6e
SHA512

9bb3fb0410d4b8ae36e9bcc8dc75de5369c0de765dfaa3e5a2f451df5b162ad65166012f6d504cb9400fb9b66bb6a52eebac329496d402920bc67d16e047cbc5

Score

7^/10

Static task

static1

Behavioral task

behavioral1

Sample

flokibot_0.0.0.12.vir.exe

Resource

win7

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

flokibot_0.0.0.12.vir.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  flokibot_0.0.0.12.vir
- Size
  
  232KB
- MD5
  
  5649e7a200df2fb85ad1fb5a723bef22
- SHA1
  
  b057d20122048001850afeca671fd31dbcdd1c76
- SHA256
  
  5e1967db286d886b87d1ec655559b9af694fc6e002fea3a6c7fd3c6b0b49ea6e
- SHA512
  
  9bb3fb0410d4b8ae36e9bcc8dc75de5369c0de765dfaa3e5a2f451df5b162ad65166012f6d504cb9400fb9b66bb6a52eebac329496d402920bc67d16e047cbc5
Score

7^/10
- Deletes itself
- Drops startup file
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy