Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    112-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    1277e7b24e9d5a5cba6163c828b1ad6a

  • SHA1

    72def21c339c650d545ab4e212ffc7ffa2f4f28a

  • SHA256

    3991b76457f4d68e8ee1f30a521420efec7a53cfb33562f391e514d6bf771de2

  • SHA512

    05e43e7dfa6a629c3ebe6550758ac2440f2ca0333de9eb31a4cbe98dab56237f24551f15edf6a8bbd5032a9bb243f390bc6bd33901cbe9d7a874e0b2b801ae60

  • SSDEEP

    3072:USHIG6mQwGmfOQd8YhY0/EqUGbSHIG6mQwGmfOQd8YhY0/ENUG+:Ucd6bUfFdXThUWcd6bUfFdXT6UL

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://192.64.118.167/profile.php?id=egRO6FKX5YqVrq9Meh5RZ4zPGBUnQSI59AUfgEclDCg43qRiIWaI1JxHls4clNiuocKEQW0tzhy

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 112-69-0x00000000004139DE-mapping.dmp