Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1632-83-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    e9e3012f937beda5cbb3d50c291c714d

  • SHA1

    ad41e6725c0aa6a71f3f71b1e42110818a5b6ac3

  • SHA256

    f6ffbbd8d439c7cd52e1fb0ec99b0f58645a36a7a29b1db5cef8f00b3bcb4a40

  • SHA512

    8258cdbc5a0247b58c70d8eae7336f527463c76209ec2cc66e582796ae411af493c66a3bc9390cd481d567328bbb6ecf4f5ad2d96b24c7f053b940627432fdd6

  • SSDEEP

    3072:USHIG6mQwGmfOQd8YhY0/EmUGASHIG6mQwGmfOQd8YhY0/ENUGp:Ucd6bUfFdXTZURcd6bUfFdXT2UI

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.147/jungletwo/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1632-83-0x00000000004139DE-mapping.dmp