General

  • Target

    840-68-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    a79473c77409a4848631a9c594de1d5c

  • SHA1

    1bae5a8bf378a49ae87d60d2083962400d04dc32

  • SHA256

    db95c2d4acef431e055b5aa6cbbb3f6c5c8b846313eab173ea8e6ca418ae76a3

  • SHA512

    d0a08b5aac879a2d73d1bf6cc25b550ed0c5b0258e64c10d71c8c62d12faeb344adce86fb13366e54017d1ff5f4698616028f4cf669245a9444daa33179458b1

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10

Malware Config

Extracted

Family

lokibot

C2

http://162.0.223.13/?05315

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Files

  • 840-68-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86

