General
-
Target
1376-65-0x0000000000400000-0x00000000004A2000-memory.dmp
-
Size
648KB
-
MD5
5e030a1dfaea5ae7d531e78861b2ff51
-
SHA1
7e53410f0046a0c31b7711d706e4938b67b9d3ca
-
SHA256
eb0d6d185b8d5b4adf22fdb98bed0a15c99861729bddfdf68a40a1eff8547646
-
SHA512
f344514388d77473782dbd947e873f718bb990da628cd7090706cc03c38aa2d51bd5b7dcc752ce8b6817aba47b08fa54d5c6d920a454f5753a2b78f9d23e9aad
-
SSDEEP
1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqGIzmd:nSHIG6mQwGmfOQd8YhY0/ELUG
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://171.22.30.147/rostov/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
1376-65-0x0000000000400000-0x00000000004A2000-memory.dmp
Headers
Sections