Overview

overview

10

Static

static

10

1684-68-0x...ry.exe

windows7-x64

1

1684-68-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1684-68-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    3ad304b061bf6af83eca04fb0d116cb1

  • SHA1

    25b2aebae94fb3d74e3d9f4bafcfe17312342e3e

  • SHA256

    3dc6c016e1e623a33af497ca4358e6ea02e6091f2f05744afe613102de351259

  • SHA512

    24b16825578e931a9ea1804fb70b62c9f93be47b7d42827c7380c4883cf0c3370ff6a854e539eeb309d7bf234c8e96cb427fd38996528e4cb38b89f40c0f4b2f

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqGIzmd:nSHIG6mQwGmfOQd8YhY0/ETUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://ekens.top/RT/as/Mo1.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1684-68-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections