General
Target
1480-66-0x00000000004139DE-mapping.dmp
Size
752KB
MD5
ae0ee169f724a35e5873c06dcaa60877
SHA1
5e8a0935495dbc52b84b89794fb49b001c3d18ae
SHA256
04c8fb55ec6167429d71c1441df1df04c6a5b096862d1bc613486ce16a5431a6
SHA512
564b0ea3daf0b8e46d473098103c2ed8d0e272362195072f066f42c56cbc404f44a10c77966ebe9801a538a1065c163924b94d6ec9641966c8e7a5852b8a6ded
SSDEEP
3072:oSHIG6mQwGmfOQd8YhY0/EqUG3SHIG6mQwGmfOQd8YhY0/ENUG+:ocd6bUfFdXThUucd6bUfFdXT6UX
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://171.22.30.164/candy/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
Lokibot family
Files
1480-66-0x00000000004139DE-mapping.dmp