Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1408-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    46f87e947624e53494007e74ba114f8a

  • SHA1

    27044930966f5d090adb87d50f8e52c9de28210c

  • SHA256

    fa10c0b3a41cef0a31c0cb55bb13f4540edab4196cdf2fb9a8abf32c45c53f19

  • SHA512

    e058835f6db723e1668166b413dfd8e4206e4000651e0c927d3c9fcaad7e31615cc452d99e32f548ef2a4cb51695749b95fc78eebc46892eb7ec999b8619a5d6

  • SSDEEP

    3072:4SHIG6mQwGmfOQd8YhY0/EqUGPSHIG6mQwGmfOQd8YhY0/ENUGq:4cd6bUfFdXThUacd6bUfFdXT6Un

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://208.67.105.161/wealth/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1408-69-0x00000000004139DE-mapping.dmp