Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1772-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    542feee2cc4f6e3ffb3f6c36be8af164

  • SHA1

    a5a17a739a374421a370d98e3ac5e5ba4ea4d2db

  • SHA256

    04933c01fe42f5b77b2f478a38429c23f61efabb1aeb97be04b36d3215c5412c

  • SHA512

    ab827a13d9a8a92571d94c40eca6450d1e02a74ca99a6faf9fc74abcc52367fe49e6cdb24c37cfc1e140ce5ad33270be9e802a84921b59204a8a097dda281eac

  • SSDEEP

    3072:oSHIG6mQwGmfOQd8YhY0/EqUGLSHIG6mQwGmfOQd8YhY0/EwUGK:ocd6bUfFdXThU6cd6bUfFdXTTUr

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://162.0.223.13/?5387165893178318742

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1772-69-0x00000000004139DE-mapping.dmp