Overview

overview

10

Static

static

10

f9ad09a1e9...f8.exe

windows7-x64

1

f9ad09a1e9...f8.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    f9ad09a1e9b0fa244fdd781ca8d02b2d7e692a99a4af3e2b609b762776641cf8

  • Size

    648KB

  • MD5

    02962694b4bebcab98ad39a248dab142

  • SHA1

    275bb159918b3da8a89315d997430c12cc9300d5

  • SHA256

    f9ad09a1e9b0fa244fdd781ca8d02b2d7e692a99a4af3e2b609b762776641cf8

  • SHA512

    1641e01d860a9238e1eb0939e81873b0dfece78f041d643d5aed55ace83c86b7397675e8987924b3f1829623bf547a047c0f1febe9016d7e480b54875433c8f9

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://192.64.118.167/profile.php?id=c8yvgbsMj6cfi8tRFjYApl9gdnJylGUxPt35EvSYC4dUcGLS0Jsq4BGiYpRk6MSVfW1TrTS4X5Y9

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • f9ad09a1e9b0fa244fdd781ca8d02b2d7e692a99a4af3e2b609b762776641cf8
    .exe windows x86


    Headers

    Sections