Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1204-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    99e0f29f0997b7f730aaaf3a1c810aa5

  • SHA1

    866eceeb9dfd28b4f0449fba41076db99258406c

  • SHA256

    9bf664da66fe46024ac788b8a5138cd70e9e545547a4e5f495548eb2c5ed25a1

  • SHA512

    586b98904cba1b94a38551fc065044199d29c061dc75f7ced00e53d29d531073d35289bea7833aae1c1cdaf6a23827ee32774dab7f6e6134c3f86a3908d00596

  • SSDEEP

    3072:oSHIG6mQwGmfOQd8YhY0/EhUGpSHIG6mQwGmfOQd8YhY0/EWUG8:ocd6bUfFdXTiUUcd6bUfFdXTxUd

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.147/kings/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1204-69-0x00000000004139DE-mapping.dmp