General
Target
350776d4faa5b4c3ec4ea49d4e90099df436080b1dd76303e4d3cc9abd74c14d
Size
236KB
Sample
220521-mhzw5afaak
MD5
2eaeb5ff8cd910252d174b19774a1b75
SHA1
02e04f90e4d6ec906d5cf41cd6dcacef9d6886e7
SHA256
350776d4faa5b4c3ec4ea49d4e90099df436080b1dd76303e4d3cc9abd74c14d
SHA512
06457e2996f21ec5d97aa45baaa6246fd6582881eace1a15f9a832f3b22d012328cf19203a8313c28e1d198bf246363e414ffe0dd29da0f1aa4f932a41784d8c
Static task
static1
Behavioral task
behavioral1
Sample
Telegraphic TT_pdf.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
Telegraphic TT_pdf.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
lokibot
http://modevin.ga/~zadmin/lmark/gld/mode.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
Target
Telegraphic TT_pdf.exe
Size
263KB
MD5
7303050178e778b49c4739d292be1134
SHA1
a03cef1f269e46030fb853e55b3ad08adce1e906
SHA256
17202bb0d0bdcfba25f18ec1692c3fd2a858cc8cb70cb9faeb703a31e54152de
SHA512
b5dc7714b930860bb65981e3ad8e4c4d4d169d293ce6c8364e6177d70359f3034122f76256b357f2ed22584205bfdb91c1e869fe0bc526a450a18208761f1a6e
Score
10/10
Loads dropped DLL
Accesses Microsoft Outlook profiles