Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1380-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    705a49cd2950cb4e148e1236d9266952

  • SHA1

    e575a179d63a97c1e7b81f9273539088380c0234

  • SHA256

    3da87b3809457279e864687941b360ba8b8ac58bf332ec1346823aec6a5cdca2

  • SHA512

    dae117949347acad134e7a24745e07cefade06686cfee63ecb060b04e0815ff0e95d705489de158b5ddee8adb64bed8adeae648ed0515a4284e190ae459164bb

  • SSDEEP

    3072:MSHIG6mQwGmfOQd8YhY0/EqUGqSHIG6mQwGmfOQd8YhY0/EJUGj:Mcd6bUfFdXThUbcd6bUfFdXTWU6

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://208.67.105.162/workshop/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1380-69-0x00000000004139DE-mapping.dmp