General
-
Target
E-Statement.exe
-
Size
508KB
-
Sample
210118-5vm5g6esba
-
MD5
947982ab39d010f2f98af775e397d872
-
SHA1
da582e4f305c0f41a2fed42044c823846ef5ff33
-
SHA256
faca80f4cbe69a258c8075a6e5b83d0dd01c9bfcc67060240321e973f12a8ea5
-
SHA512
3014e970ce902a99a8f7665411dceb55a18236b586e658744f44ad7aefde502791c837df53bce9eabb7295384af0bb774b01713160f386853e2afe3165ef171e
Static task
static1
Malware Config
Extracted
lokibot
https://impulsetechnosoft.com/home/cc/Panel/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
E-Statement.exe
-
Size
508KB
-
MD5
947982ab39d010f2f98af775e397d872
-
SHA1
da582e4f305c0f41a2fed42044c823846ef5ff33
-
SHA256
faca80f4cbe69a258c8075a6e5b83d0dd01c9bfcc67060240321e973f12a8ea5
-
SHA512
3014e970ce902a99a8f7665411dceb55a18236b586e658744f44ad7aefde502791c837df53bce9eabb7295384af0bb774b01713160f386853e2afe3165ef171e
-
Suspicious use of SetThreadContext
-