Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    580-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    f1b4c2844c6cd984b378fe0c14b18fde

  • SHA1

    20bb500eca736cb84dfa8f30dfac8208138006da

  • SHA256

    b92594cca2906710e8a7761129efc84ff2a43460b59eca1874f650135d82eac9

  • SHA512

    535a8163b41aeca3a161ef2611d2704aa4bedba387c56dccaccb554102cc54d8826d91f3bdb446dd98b5b47dda595f005b85bbbc5977e01269ac4280bbf9c3d4

  • SSDEEP

    3072:oSHIG6mQwGmfOQd8YhY0/EqUGjSHIG6mQwGmfOQd8YhY0/ENUGK:ocd6bUfFdXThUGcd6bUfFdXT6Un

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://sempersim.su/gk3/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 580-69-0x00000000004139DE-mapping.dmp