General
Target: payment slippdf.exe
Size: 827KB
Sample: 210422-wkezjnnrz6
MD5: 1ac199e697b332b96675906f4ed5b4a9
SHA1: 7c717cf5f68a03309c4de475aa3386006d257bf2
SHA256: bd299f37aa9e98b1f42640c6c588b65fb932abd4c3c4b7d258e37be327ae60a4
SHA512: 4aeb0980fdc455628c47eb14b7ced0d2e4d9649d3c69eacb14b823686130bbc825b76a1ce32ac3cd1c087938c5fa616d5f1176af07f62d655785af12fc24b56e
Static task: static1
Behavioral task: behavioral1
Sample: payment slippdf.exe
Resource: win7v20210408
Malware Config
Extracted
lokibot
http://techarnise.ru/fb20/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: payment slippdf.exe
Suspicious use of SetThreadContext