General
-
Target
592-68-0x0000000000400000-0x00000000004A2000-memory.dmp
-
Size
648KB
-
MD5
e3777d870027e4984be51d1e6ffbe8a0
-
SHA1
f15e21be5739def518121200aa33c37d3775452c
-
SHA256
d4170739addd80a47fe1ba187d434d578712042e001afd1e1a3d5627be719c3b
-
SHA512
bd9a09133ff9ccb8baf90c0f9a0f783920cbe800a6d325b8481c6ec301c14a500430943f18a0ba553c772aa599d1617438df98fd2fbacad909679ac232d17456
-
SSDEEP
1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://162.0.223.13/?zfkdYtHLPzjU8NYmyvhLkN8G1QZuI5Khl4vjyc5nMohVcgiLLAw5oEMpvMUd
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
592-68-0x0000000000400000-0x00000000004A2000-memory.dmp
Headers
Sections