MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 193a7b4684ef1fcbff753f7466d61b17e11a6335a3c47a09569ec72f181d652a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Loki


Vendor detections: 3


Intelligence 3 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 193a7b4684ef1fcbff753f7466d61b17e11a6335a3c47a09569ec72f181d652a
SHA3-384 hash: 60a687eef8e25016fed1266a315f4f2cf06c5c15ca0a9b3017ec7d3aa6db693371cc87b969339ea102b0157602f94655
SHA1 hash: b0126195c5f65ec4395a887128a65bd5d4084b7f
MD5 hash: 74e218255d1efbe56315b6f3a1ead427
humanhash: october-louisiana-river-jig
File name:P.O_575899.bat.exe
Download: download sample
Signature Loki
Create hunting rule
File size:499'712 bytes
First seen:2020-04-30 07:34:36 UTC
Last seen:Never
File type:Executable exe
MIME type:application/x-dosexec
imphash 9e2aebb1223202d7dedec9d27cbf80fd (1 x Loki)
ssdeep 12288:AO6/q7gtIBy4nnkSFNEhCywEfTZSOGGZfL:W6y6rQGGJL
Threatray 107 similar samples on MalwareBazaar
TLSH C4B4A64B38E2CF67E99476724D2C1CF3E99C42FD9B390D49EF06669EABE7E485105002
Reporter jarumlus
Tags:Loki

Intelligence

File Origin
# of uploads :
1
# of downloads :
76
Origin country :
n/a
Vendor Threat Intelligence

File information

The table below shows additional information about this malware sample such as delivery method and external references.

BLint

The following table provides more information about this file using BLint. BLint is a Binary Linter to check the security properties, and capabilities in executables.

Findings
IDTitleSeverity
CHECK_AUTHENTICODEMissing Authenticodehigh
CHECK_NXMissing Non-Executable Memory Protectioncritical
CHECK_PIEMissing Position-Independent Executable (PIE) Protectionhigh
Reviews
IDCapabilitiesEvidence
VB_APILegacy Visual Basic API usedMSVBVM60.DLL::EVENT_SINK_AddRef

Comments