Overview

overview

10

Static

static

10

4420-139-0...ry.exe

windows7-x64

1

4420-139-0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    4420-139-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    ef049e2c6e251cc8a1c3a07bfcbcf38f

  • SHA1

    bca7690efaeee93e78ecdf5e0bfeef51c0f86e1b

  • SHA256

    7a76da94fa96d6fdfa350cd83898ec015e14d3292328d5c46376671da7122477

  • SHA512

    f6b447fcfad89a77c89e3b688d786e583b7b236bb783c952b429d0ea411380cdf2f7086ba10610b2cf6a585d7f4e4ab5b0688cfe37ee971b111aec5612f2847e

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://208.67.105.161/donstan/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 4420-139-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections