Overview

overview

10

Static

static

10

728-139-0x...ry.exe

windows7-x64

1

728-139-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    728-139-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    ecdd4876977dfbef98e43fee30d44cf1

  • SHA1

    239da97bd51667f352460c855a11a8ef0a3a1f19

  • SHA256

    931f9127432dcba4d0469fa81bf73cda2050e1709ebdb17cf33066a6267b83f2

  • SHA512

    8120789cfa34c303010531684e25b7a4cf8b4ac5096421046eb36fc21da56811337e1f957d328c7d623983d818f5442e2a3eceb125f2cd5a5fc2c902315ad3a9

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqZIzmd:nSHIG6mQwGmfOQd8YhY0/EYUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://sempersim.su/gl9/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 728-139-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections