General
-
Target
ZAHTJEV ZA PONUDU 14-01-2020·pdf.exe
-
Size
344KB
-
Sample
210114-qkj6cqdvee
-
MD5
94b2ec845e840391b3ef14ee10571fed
-
SHA1
9fd12ac0496c253d07539b321b5c2dac82a430e4
-
SHA256
53f89ac782afeef77891b25e92440050a0bb224ff1eb439ac787364335b661cd
-
SHA512
93aaf99a7ec59e160f980ec755fcb09d6422216d163092fd0d4bb8b3d7b8866449c9d1501904aa00b47fb159cb972e697e0a80d17755c38671c5126a51ab49d0
Static task
static1
Behavioral task
behavioral1
Sample
ZAHTJEV ZA PONUDU 14-01-2020·pdf.exe
Resource
win7v20201028
Malware Config
Extracted
lokibot
http://51.195.53.221/p.php/TAvyWQRo1IIY4
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
ZAHTJEV ZA PONUDU 14-01-2020·pdf.exe
-
Size
344KB
-
MD5
94b2ec845e840391b3ef14ee10571fed
-
SHA1
9fd12ac0496c253d07539b321b5c2dac82a430e4
-
SHA256
53f89ac782afeef77891b25e92440050a0bb224ff1eb439ac787364335b661cd
-
SHA512
93aaf99a7ec59e160f980ec755fcb09d6422216d163092fd0d4bb8b3d7b8866449c9d1501904aa00b47fb159cb972e697e0a80d17755c38671c5126a51ab49d0
-
Suspicious use of SetThreadContext
-