General
-
Target
Saran Pembayaran BCA_PDF.exe
-
Size
462KB
-
Sample
210624-k3h1sgckn2
-
MD5
1f4dde57dbda788b7781948c83af6b8e
-
SHA1
d02ab374e22fd4eb413f5752c9cfb249c1c514ac
-
SHA256
6a2d4f973fda446fac31f2b2a23f82669ff77d1bdb0b07c32e4a1f36a6feec54
-
SHA512
82b59c8c748319d8822b7f744931c7d43f8d4637761588c3868d5cfd03df6507b19d189c79450cbe01dc5b8a6b8c4a91a054ae27d549d9b71bbcb3909eff2dff
Static task
static1
Behavioral task
behavioral1
Sample
Saran Pembayaran BCA_PDF.exe
Resource
win7v20210410
Malware Config
Extracted
lokibot
http://63.141.228.141/32.php/Uo2Q8E3IZNLpA
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
Saran Pembayaran BCA_PDF.exe
-
Size
462KB
-
MD5
1f4dde57dbda788b7781948c83af6b8e
-
SHA1
d02ab374e22fd4eb413f5752c9cfb249c1c514ac
-
SHA256
6a2d4f973fda446fac31f2b2a23f82669ff77d1bdb0b07c32e4a1f36a6feec54
-
SHA512
82b59c8c748319d8822b7f744931c7d43f8d4637761588c3868d5cfd03df6507b19d189c79450cbe01dc5b8a6b8c4a91a054ae27d549d9b71bbcb3909eff2dff
-
Suspicious use of SetThreadContext
-