Overview

overview

10

Static

static

10

1496-65-0x...ry.exe

windows7-x64

1

1496-65-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1496-65-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    c7e6950a7db9322df07aa3135ad17cf2

  • SHA1

    64260e77e471baef14fe629907b74ee7e7332461

  • SHA256

    1f2486280f2c2ae735c10d6e27a3df46d23b7ac75d1bbac03bdb8f3622458781

  • SHA512

    2cf0ebe1146a154d0e0aed3f1e388caaa34209b7a325639bad43c824a04ec72b621bf950b4d9f1282f85df7b953a0ea5a90aeacc8b7a23efb3dce7c8990ffca9

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqsIzmd:nSHIG6mQwGmfOQd8YhY0/EhUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://wexno.us/ho/sk/dancex.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1496-65-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections