a56f68c3b7f18998bb62edef65b4a682 | Triage

Submit
Reports

Overview

overview

Static

static

Product_De...38.exe

windows7-x64

Product_De...38.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

Product_Details_21638.exe

Resource

win7-20220812-en

lokibot wshrat collection persistence spyware stealer trojan

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

Product_Details_21638.exe

Resource

win10v2004-20220901-en

lokibot wshrat collection persistence spyware stealer trojan

windows10-2004-x64

18 signatures

150 seconds

General

Target

a56f68c3b7f18998bb62edef65b4a682
Size

2.7MB
MD5

a56f68c3b7f18998bb62edef65b4a682
SHA1

d2a731b357651687dd8f4584a93c49d9ebfa1cf5
SHA256

06f0bf3c500179c5e919ecd16879fdd27347eaeae00fe55b7069577cb490f2ee
SHA512

1834ceea959acdec82d1967d9b7f8799951c2d325718b615e98e11d90ab276b4ba492374eabce598d8d9e6f8ce074ef0c39a8359da991cc3a5a2292a035ad1f3
SSDEEP

24576:4HiqVZMZkMPDr7Ui4AUvN/SDNQWiTac+uL0ajt564/8x0Cac:6i5CMPX7Ui4FvN/dWC6uL0ajv6q8x0C9

Score

N/A

Malware Config

Signatures

Files

a56f68c3b7f18998bb62edef65b4a682
.eml
- https://www.avast.com/antivirus
Pfizer Request for Quotation.iso
.iso
Product_Details_21638.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.4MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ef8787a7.png
.png
email-html-2.txt
.html
email-plain-1.txt

© 2018-2025

Terms | Privacy