General
-
Target
Conan Fegan - Aluminium.exe
-
Size
389KB
-
Sample
210222-ztx1re215j
-
MD5
708ee64939578fbb07010e20f6c7672c
-
SHA1
335dc9a9142b528848b8446be2afda844f6d673f
-
SHA256
f1a43d8b49bda3c88eb1c314c9460a92c0b467ea8db4c9086ac8e3bfe358e511
-
SHA512
0760e722df49e3a10b26320b54648029c1d7e2862bca7f1bc4d9a60cf9a46a6d847eb3a86825ea1faa59aaa93725d601cee8c3167f4a8fe01ff4454e823fec9a
Static task
static1
Behavioral task
behavioral1
Sample
Conan Fegan - Aluminium.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
https://www.ritcophysiotherapy.com.au/wap121/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
Conan Fegan - Aluminium.exe
-
Suspicious use of SetThreadContext
-