General
Target: Avviso di pagamento-Euro Bank EFG.exe
Size: 976KB
Sample: 210118-kvevvnrb2x
MD5: 6df77ea67a80146f5e9591a7f79b6871
SHA1: 12fa2c5c28240b20e29363e3c2bace7d961d445e
SHA256: cf38c4fdb8899476e09925741f225203c9f07d2be1cb95833c1c48414812f2a2
SHA512: 421cc8b15d7cc043ffa143785bee5ffb4833827a7cffda4355312e71a8200a4eebd6ab8f43d4c20fc1dd5b2ce87547841742e404a2c3772eef8b48109b680381
Static task: static1
Behavioral task: behavioral1
Sample: Avviso di pagamento-Euro Bank EFG.exe
Resource: win7v20201028
Malware Config
Extracted
lokibot
http://becharnise.ir/fa2/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
Avviso di pagamento-Euro Bank EFG.exe
Suspicious use of SetThreadContext