Overview

overview

10

Static

static

10

1364-65-0x...ry.exe

windows7-x64

1

1364-65-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1364-65-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    45b446d8842aaf5e5b29cf965a56a2b5

  • SHA1

    2e32ac76c2e914a069975af75e8d0c9b02ed4182

  • SHA256

    a2c967f46ce14894616d24859600e48a64ec74260ba30da2a722d105a355ee0c

  • SHA512

    62136fcb079e7bf4d82ac96a21d00f0138a14790b060ff682ff1497df9c6057f8102685ecb94835c8cc0ff2d34fb7cc2332dde1b843fef946ab1b3ef0c5d6c83

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqIIzmd:nSHIG6mQwGmfOQd8YhY0/EhUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://208.67.105.162/drostov/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1364-65-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections