MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fa02f92c23e51b67bbe960066f6db7d335869cd13ddcede4bee662406a17e96c. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Loki

Vendor detections: 3

Intelligence 3 IOCs YARA File information Comments

SHA256 hash:	fa02f92c23e51b67bbe960066f6db7d335869cd13ddcede4bee662406a17e96c
SHA3-384 hash:	049e72de8cc3b1dc59b0b4c148813a3920f8481c370b660a9fd6850191acf43195ea5855fc7357347a804521254f8467
SHA1 hash:	7c66ae2b8afa496975170673aff1e07608cfc725
MD5 hash:	72f106a44a4d286abd8bd7c43855d09e
humanhash:	nebraska-gee-black-mango
File name:	72f106a44a4d286abd8bd7c43855d09e.exe
Download:	download sample
Signature	Loki Create hunting rule
File size:	460'134 bytes
First seen:	2021-07-31 08:11:36 UTC
Last seen:	2021-07-31 08:53:20 UTC
File type:	exe
MIME type:	application/x-dosexec
ssdeep	12288:Ubt6I1WTmVf0p2PwWSUExF/veNIyWvtZqHJv3C51:UpRUTqIeexF/veNIyKDqHl3q1
TLSH	T176A4236E990486CAC7B5FFFE1B73434364682F7DC22568A2846CCD7255A087E507CBE2
Reporter	abuse_ch
Tags:	exe Loki

Intelligence

File Origin

# of uploads :

2

# of downloads :

624

Origin country :

n/a

Vendor Threat Intelligence

Malware family:

n/a

ID:

1

File name:

72f106a44a4d286abd8bd7c43855d09e.exe

Verdict:

No threats detected

Analysis date:

2021-07-31 08:21:23 UTC

Tags:

n/a

Link:

https://app.any.run/tasks/557f2114-9926-4749-9213-950acc9b156e

Note:

ANY.RUN is an interactive sandbox that analyzes all user actions rather than an uploaded sample

Detection:

n/a

Link:

https://www.capesandbox.com/analysis/175458/

Detection(s):

SecuriteInfo.com.Trojan.PWS.Stealer.23680.29360.6259.UNOFFICIAL

Result

Verdict:

UNKNOWN

Details

Windows PE Executable

Found a Windows Portable Executable (PE) binary. Depending on context, the presence of a binary is suspicious or malicious.

Verdict:

Suspicious

Link:

https://analyze.intezer.com/analyses/84678a6b-bdb3-4ac6-a78b-eee951bc1da5

Result

Threat name:

Unknown

Detection:

suspicious

Classification:

n/a

Score:

21 / 100

Link:

https://www.joesandbox.com/analysis/824861

Signature

Machine Learning detection for sample

Behaviour

Behavior Graph:

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/fa02f92c23e51b67bbe960066f6db7d335869cd13ddcede4bee662406a17e96c/

Detection(s):

Malicious file

Link:

https://check.spamhaus.org/check/?searchterm=7ibpslbd4unwpo7jmadg63nx2m2ynhgrhxoo3zf64zrea2qx5fwa._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/210731-e36ytvx87s/

Unpacked files

SH256 hash:

fa02f92c23e51b67bbe960066f6db7d335869cd13ddcede4bee662406a17e96c

MD5 hash:

72f106a44a4d286abd8bd7c43855d09e

SHA1 hash:

7c66ae2b8afa496975170673aff1e07608cfc725

Link:

https://www.unpac.me/results/8f362ad3-fa75-405d-b1eb-d1cc5d099f5d/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.14

Link:

https://yomi.yoroi.company/submissions/fa02f92c23e51b67bbe960066f6db7d335869cd13ddcede4bee662406a17e96c

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

exe fa02f92c23e51b67bbe960066f6db7d335869cd13ddcede4bee662406a17e96c

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/1454376/

Delivery method

Distributed via web download

Cape

Cape

https://www.capesandbox.com/analysis/175458/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample