Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1424-56-0x00000000003C0000-0x00000000003DB000-memory.dmp

  • Size

    108KB

  • MD5

    d8ac459ec6c620c938fbef67e24953ee

  • SHA1

    809dd267c9d6327c1bcf68060945a820c9ef43ec

  • SHA256

    39fddc0eacd6a6809c5d743c5ebbfd3adfca4f2649586a5aa252ee2799e7a6c6

  • SHA512

    05c5d9ec264e258c351421f12f10ad2e4f699cf961beb8da8a4d3c0e07f3024e1836bb7eb2311f98343aee5d81586cb5be1b775c3e2a83fd1e2ee9a1efae2542

  • SSDEEP

    1536:wl4D3zvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd/:vDMSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://192.64.118.167/profile.php?id=PVqNZOLjG5SzLuILHLJs0DhkK41hQhGGc7tbVfvBknb6STRAFB3Gek0Zp2ggkXWw4qIZFeB0CM6vFY6lz91Ou2

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1424-56-0x00000000003C0000-0x00000000003DB000-memory.dmp