General
-
Target
aviso de pago.pdf.exe
-
Size
1.0MB
-
Sample
210721-mhnv3zqnsj
-
MD5
d308eadbac9ea8eb3b0d9ab1112419be
-
SHA1
afdbe9177f5a38d59197fac722fdd91f9c50c928
-
SHA256
d3b21861d2dbbae76b30b6c1253be0775c7ea63d183ded44f041a609cbd929c4
-
SHA512
d9cb928e8cad22286e95f57e3367cf35756588039f0fa00c5c16eecc12167b1b946bddbd09450f1b1b9da08b3c77e8bde8e0776dc120963faa97d98cbf25cde1
Static task
static1
Behavioral task
behavioral1
Sample
aviso de pago.pdf.exe
Resource
win7v20210410
Malware Config
Extracted
lokibot
http://ccjjlogsx.com/uu/me/tc.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
aviso de pago.pdf.exe
-
Size
1.0MB
-
MD5
d308eadbac9ea8eb3b0d9ab1112419be
-
SHA1
afdbe9177f5a38d59197fac722fdd91f9c50c928
-
SHA256
d3b21861d2dbbae76b30b6c1253be0775c7ea63d183ded44f041a609cbd929c4
-
SHA512
d9cb928e8cad22286e95f57e3367cf35756588039f0fa00c5c16eecc12167b1b946bddbd09450f1b1b9da08b3c77e8bde8e0776dc120963faa97d98cbf25cde1
-
Suspicious use of SetThreadContext
-