General
-
Target
948-66-0x0000000000400000-0x00000000004A2000-memory.dmp
-
Size
648KB
-
MD5
9803698610d9e0c596f7169a86a6bb38
-
SHA1
e044094967f055de937a921dbf295bd6e0932410
-
SHA256
50a503f32eeabb0a8f8c924cf1a44402c38e2e0be14d818bedbb6083bac56048
-
SHA512
2f6efdb0e9c7ee3d32aee44f1f32e3612b4ff4fc5e19bc050c6120217239f818b522cd81a2ba4027c6b0eb99b647673c91dec194d5e9a7366f84e9783688c35b
-
SSDEEP
1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqhIzmd:nSHIG6mQwGmfOQd8YhY0/EMUG
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://208.67.105.161/starmoney/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
948-66-0x0000000000400000-0x00000000004A2000-memory.dmp
Headers
Sections