Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    984-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    64f8356e4289679f1626b0ea26c2b142

  • SHA1

    0587a18bc797ff3ab0be4a2e8f18e59e1c806bab

  • SHA256

    c245526bac0b27e0251390d349ca6b8183bf9f806f30cd216ef3d1b8a0cd951c

  • SHA512

    43675cdcfebd95c8bd60681ec48ec754bd09efedc34ae1617b2a3cab427a06a14b3f38a31839c711f29203aee8c623bb0309d55dfe8caf99b40ffe856de2ca90

  • SSDEEP

    3072:oSHIG6mQwGmfOQd8YhY0/EqUGYSHIG6mQwGmfOQd8YhY0/ENUGl:ocd6bUfFdXThUZcd6bUfFdXT6UU

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://162.0.223.13/?zfkdYtHLPzjU8NYmyvhLkN8G1QZuI5Khl4vjyc5nMohVcgiLLAw5oEMpvMUd

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 984-69-0x00000000004139DE-mapping.dmp