Overview

overview

10

Static

static

10

4880-135-0...ry.exe

windows7-x64

4880-135-0...ry.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

  • Target

    4880-135-0x0000000000400000-0x00000000004A3000-memory.dmp

  • Size

    652KB

  • MD5

    2876c4492e9c365da9b139c3c7c3ac2a

  • SHA1

    fd21601d4fdff58f9bf7bcdbff9749f59a26bd87

  • SHA256

    d72a790a9634647f524a4e0dd1e9bc719d3bac16af22131a5a8fea4cd3ce576b

  • SHA512

    933b4ae09dbfb6193379933428347dff56fe5e65aa67292ff23f71a9980e7f8d2eb92b08b7049c5ab20c50ef4f9343794bfe4e26c9fe4c1dc6ad42e9a8f64d81

  • SSDEEP

    1536:kzvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmdh:/SHIG6mQwGmfOQd8YhY0/EqUGh

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://sempersim.su/gk6/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 4880-135-0x0000000000400000-0x00000000004A3000-memory.dmp
    .exe windows x86


    Headers

    Sections