General
-
Target
d81b40d87d7caee2e52fa109131ce7702810c9fb0f98f8a15fdd72f14146e513
-
Size
740KB
-
MD5
a305fe5a1a2d98b54d9acfb97f2d2525
-
SHA1
a9a03774732c584faef112beec2605d333b4181c
-
SHA256
d81b40d87d7caee2e52fa109131ce7702810c9fb0f98f8a15fdd72f14146e513
-
SHA512
8aeb61df7da99da3854c534c07c348f0d89cd1174722f8ad3a72d6606bb9cfb420afa3465f42a5a8fdad20b1a226ee157717c047607321d887bd2406f3ccb71d
-
SSDEEP
12288:7l74EufJUiNnZ6sLpULBcIuiGy+CAC0xOk5O052Vft35tKBZPXKTc:B7juRbNnZ6O0mIqC0xOn0kp7cnXKTc
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://citiline.org.ng/XXD123-TY/TULIP8890890-56788/Panel/five/fre,php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
d81b40d87d7caee2e52fa109131ce7702810c9fb0f98f8a15fdd72f14146e513
2977270fae1bfe1cc3a3258b5bc0e2ed
Headers
Imports
Sections