General
Target: 1504-69-0x00000000004139DE-mapping.dmp
Size: 752KB
MD5: 8958d8e0d99faba6e94d1e48840a083a
SHA1: af0d6d9bdaa745c68d9b38392c866868f37f251d
SHA256: 5690386cd30fca17929650cf33bd5a4232928e462921df61421bbf90d5bf786b
SHA512: a869388795a070b3a8f4d6ffc5a8a559197f82f14f755906127624ede233e38c9fa2e9c08cf7196d13071411498c5a7dc0f640014da99b9aebc8ee0edd940d2c
SSDEEP: 3072:oSHIG6mQwGmfOQd8YhY0/EqUG7SHIG6mQwGmfOQd8YhY0/ENUGy:ocd6bUfFdXThUycd6bUfFdXT6Uz
Score: 10/10
Malware Config
Extracted
Family: lokibot
C2:
http://162.0.223.13/?ui31hfjahdifajdkfjxiozd
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
- Lokibot family
Files
- 1504-69-0x00000000004139DE-mapping.dmp