Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1304-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    44b3521eb167bd6a6346419fbe4e2221

  • SHA1

    ecfc9d04a8bdd3db118e25fcb8531f47fec04050

  • SHA256

    cfd12ebe94c00b0c711afcd57dce66bed69260bbdfec72b72c793693c78cd1cb

  • SHA512

    84442efdea0f03ca6a0a0dee312ce88ce9fc4025df94ec123b88afa88b14c25779fa96b31186d663e938e095c070558df65b968bcbaa6622a4a3d8941451494e

  • SSDEEP

    3072:oSHIG6mQwGmfOQd8YhY0/EqUG+SHIG6mQwGmfOQd8YhY0/EyUGr:ocd6bUfFdXThU7cd6bUfFdXTBUW

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://208.67.105.161/donstan/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1304-69-0x00000000004139DE-mapping.dmp