MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 62c065b84f7eb0198da0f2724a9dd58d19f0c699eabfeda48a8313788e0d1e09. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Loki

Vendor detections: 6

Intelligence 6 IOCs YARA File information Comments

SHA256 hash:	62c065b84f7eb0198da0f2724a9dd58d19f0c699eabfeda48a8313788e0d1e09
SHA3-384 hash:	78a1d1bc0dad882dee4b705aea5874f6942540b8be2f56fae286a9c9df6763ec341e93ede6ddfe1fc6064ee255fce345
SHA1 hash:	2c9130c96d6b7c125243dcbd576a19c60d45d92c
MD5 hash:	e8004559eaa61dc95135b07a677636cc
humanhash:	uniform-carpet-oxygen-winner
File name:	e8004559eaa61dc95135b07a677636cc.exe
Download:	download sample
Signature	Loki Create hunting rule
File size:	186'462 bytes
First seen:	2020-11-11 16:26:19 UTC
Last seen:	2020-11-11 17:48:14 UTC
File type:	exe
MIME type:	application/x-dosexec
ssdeep	3072:8L3uYYT5TaT+Lf0x+NHbBS5RghW97od4fyQbUcpxlH5Oj+PjdWor:8LeZ7NHw5us9LfAgx8+rdWg
TLSH	6D04AD2D9AF15A12F23E67F9CD7368009330201E9A47E36D8CC694F626BB77486C1D5B
Reporter	abuse_ch
Tags:	exe Loki

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

n/a

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Trojan.InjectNET.14.25824.16354.UNOFFICIAL

Result

Verdict:

Malware

Maliciousness:

Result

Verdict:

MALICIOUS

Details

Windows PE Executable

Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.

Result

Threat name:

Unknown

Detection:

malicious

Classification:

n/a

Score:

52 / 100

Link:

https://www.joesandbox.com/analysis/531400

Signature

Machine Learning detection for sample

Multi AV Scanner detection for submitted file

Behaviour

Behavior Graph:

Download SVG

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/62c065b84f7eb0198da0f2724a9dd58d19f0c699eabfeda48a8313788e0d1e09/

Threat name:

ByteCode-MSIL.Backdoor.NanoBot

Status:

Malicious

First seen:

2020-11-11 17:23:49 UTC

AV detection:

10 of 29 (34.48%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=mlaglocpp2ybtdna6jzevhovrum7bruz5k763jekqmjxrdqndyeq._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/201111-2ebtk3ftka/

Unpacked files

SH256 hash:

62c065b84f7eb0198da0f2724a9dd58d19f0c699eabfeda48a8313788e0d1e09

MD5 hash:

e8004559eaa61dc95135b07a677636cc

SHA1 hash:

2c9130c96d6b7c125243dcbd576a19c60d45d92c

Link:

https://www.unpac.me/results/2ab27f01-9a74-46cd-8732-9dd779ea1224/

Please note that we are no longer able to provide a coverage score for Virus Total.

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Loki

exe 62c065b84f7eb0198da0f2724a9dd58d19f0c699eabfeda48a8313788e0d1e09

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/783308/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample