General
Target: pago urgentePDF_____________________.exe
Size: 500KB
Sample: 210226-6bm9ezrxgs
MD5: 3f2edb003456f309c1f24e153cf40755
SHA1: 66566ca27fa9ba736231f495b94c57f296ec921a
SHA256: c3343b92155dfd866001b1126374d5d6e6e8efcbb889eccf0699dd6f29be580c
SHA512: ff4ea7ed6386d7dc99eb90147220355a2ecdd62596ae4a09f871d6ff214e6de2bac2b47f22add35314274c804fad3424a5ec5fa9920e45648e93179a2dc994a5
Static task: static1
Behavioral task: behavioral1
Sample: pago urgentePDF_____________________.exe
Resource: win7v20201028
Malware Config
Extracted
lokibot
http://51.195.53.221/p.php/qgZUTMW0pWR4Q
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: pago urgentePDF_____________________.exe
Suspicious use of SetThreadContext