Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    468-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    6d0b6d9a8d0e31d4ae06c7829222d678

  • SHA1

    90d61277f31e32e529c162a93a7859bf9356feca

  • SHA256

    71dcdfd7f71f7de7551dac3dd2650048d073ab7ac63f3cf7bd3c7a0fdfdea560

  • SHA512

    55226acbad372cf8cd86118a111f91ee645be2f461888dc5fb919982e874220ac9185cd7b12a2c2782c38e943625819e56e0a4d52fa2aac7c18ce3d9b411a9ee

  • SSDEEP

    3072:USHIG6mQwGmfOQd8YhY0/EqUGISHIG6mQwGmfOQd8YhY0/ENUGN:Ucd6bUfFdXThUlcd6bUfFdXT6U4

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://192.64.118.167/profile.php?id=nWQbBGxKhSvP6IVjZ9TTn36tKXZhgQAEMqPo6n8ofEdln9FmjygGBmamk9DA0efNF4bM

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 468-69-0x00000000004139DE-mapping.dmp