General
Target
Shipment Arrival Notice.exe
Size
781KB
Sample
210511-jetdcy63be
MD5
b1d78e6a8d2f23ad5952d431cd01f5c3
SHA1
19aa2e5f1f2abcc2993361fe43af38ce29051597
SHA256
b326b4848fb7610629f54054b30bac754382db0684a37da3c44e3342a21c2dd8
SHA512
4e57a5e0d08e2356c6e8afdfaf6e05642779b16fce8b93a505f1b82bcb9fcdb590e4c21ad1d391f68286c5dcd4c079f1d46bf0d73438573dc09f7f338f2a7a32
Static task
static1
Behavioral task
behavioral1
Sample
Shipment Arrival Notice.exe
Resource
win7v20210408
Malware Config
Extracted
lokibot
https://chem.buet.ac.bd/staff-list/inc/2w/Panel/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
Shipment Arrival Notice.exe
Suspicious use of SetThreadContext