General
Target: DHL Factura comercial.pdf.lzh
Size: 401KB
Sample: 220923-h5we1addh2
Static task: static1
Behavioral task: behavioral1
Sample: DHL Factura comercial.exe
Resource: win10v2004-20220812-en
Malware Config
Extracted
lokibot
Targets
Target: DHL Factura comercial.exe
Size: 555KB
Score: 10/10
Accesses Microsoft Outlook profiles
Suspicious use of SetThreadContext