Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    952-74-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    b0fa129cf95b1256610cb31f84a4045c

  • SHA1

    239f5b263b81fd2234ff0a8be132d6484f688087

  • SHA256

    2058bc312ea43fcc448bf7dac8a570c34b428d58790501e71dcc652a8bf4a2e4

  • SHA512

    8128786ebe533bb4c565275326b00f90e2afb338551cc9bd72bdc7c7219aec7344b26854c3ae1efeeb1dedc6ce8c635e522465b02ec36f9690507c4579270284

  • SSDEEP

    3072:MSHIG6mQwGmfOQd8YhY0/EqUGbSHIG6mQwGmfOQd8YhY0/ENUG+:Mcd6bUfFdXThUWcd6bUfFdXT6UL

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://192.64.118.167/profile.php?id=egRO6FKX5YqVrq9Meh5RZ4zPGBUnQSI59AUfgEclDCg43qRiIWaI1JxHls4clNiuocKEQW0tzhy

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 952-74-0x00000000004139DE-mapping.dmp