General
Target: FACTURA DE ENVÍO.pdf.exe
Size: 1.0MB
Sample: 210115-leqj8x8l5e
MD5: f2bdb4e0ad5f59e25ae0aa08cd262565
SHA1: 6f58e9f29a662c028e2375e69ff25d53397596c1
SHA256: 05a2e1c109cbf757af3856c7080abe847c40f17b56a2a0476efff9a82b25face
SHA512: fc5a1fcee82f470ed61dfa378a89288276787379358f047d64949f6bbfa3d706d456702be61c24f2d189de7839372f7eebd21b8364bff718872694e3b06f061a
Static task: static1
Behavioral task: behavioral1
Sample: FACTURA DE ENVÍO.pdf.exe
Resource: win7v20201028
Malware Config
Extracted
lokibot
http://51.195.53.221/p.php/HsSpKI8PLZu2g
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: FACTURA DE ENVÍO.pdf.exe
Suspicious use of SetThreadContext