General
Target: FATURA DHL.exe
Size: 915KB
Sample: 210721-l6bygr6p86
MD5: 97902789babf5acb6b2e1a2bf34f026d
SHA1: 9d51d7393bfd5eb16a81b2d304267267d25a24c4
SHA256: 80dbbe2c5ad64fb800afeafa013939c7d13cafb0568b64750b4048a51700110b
SHA512: f2ee4eaf132f6840299de1381a768f1b5a2fce91cd6b73758bf9c5157e698d92b7876a638b61a3bba8b4c8fcba0ce53a90e2c3fd0fbdff9d74012f129ce266b8
Static task: static1
Behavioral task: behavioral1
Sample: FATURA DHL.exe
Resource: win7v20210410
Malware Config
Extracted
lokibot
http://185.227.139.18/dsaicosaicasdi.php/a5iPuKTGakcLJ
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target: FATURA DHL.exe
Suspicious use of SetThreadContext