Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    2272-258-0x00000000004139DE-mapping.dmp

  • Size

    756KB

  • MD5

    918df73363af09d1939004693117254c

  • SHA1

    f6a803e330519a6716de9285ca71ec2f817b574c

  • SHA256

    c0d879b3f495bc024d9d5a2f6646ecc1b250a2de2452f9c234552a7d17aa62db

  • SHA512

    31ccb5d0bd1d1ea4d0e0c4ed2b66a01b389f845fc6ab27240949f08d050776fa8933d2dc8a24a36adf7b1e210a669c729f2f168bb0bda3913eac0e196b928c64

  • SSDEEP

    3072:ESHIG6mQwGmfOQd8YhY0/EqUGvSHIG6mQwGmfOQd8YhY0/ENUGQ:Ecd6bUfFdXThUScd6bUfFdXT6Ul

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://162.0.223.13/?OpqycIYJoIxPvNI7mSRvpEdWbvlzd7L2wbAJUztih08MOR

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 2272-258-0x00000000004139DE-mapping.dmp