Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    952-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    568514ae76853934b53d4cad34a5bcc2

  • SHA1

    9d55b2243724628eb62825a9a828a9dfe6dd009f

  • SHA256

    8fecd8810b3f3fb02a34cc345f49a08908800e88ea0679fef50a6aa49ca98d11

  • SHA512

    207fdee0aa5839e22f6c0bd2035f67f780eba14091910d0ebaeb140a36dadca9ce1e8d7614c40934f201e7aa5db5c6968a8d9e26dedf7e796430ce6cfd6dad45

  • SSDEEP

    3072:oSHIG6mQwGmfOQd8YhY0/EqUGYSHIG6mQwGmfOQd8YhY0/ELUGl:ocd6bUfFdXThUZcd6bUfFdXTQUU

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://162.0.223.13/?zfkdYtHLPzjU8NYmyvhLkN8G1QZuI5Khl4vjyc5nMohVcgiLLAw5oEMpvMUd

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 952-69-0x00000000004139DE-mapping.dmp