Overview

overview

10

Static

static

10

1892-69-0x...ry.exe

windows7-x64

1

1892-69-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1892-69-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    b727a26a68ec52b098daf09d884726f0

  • SHA1

    c7af3deca25a8cef6b391e12383d1b3d487b82b4

  • SHA256

    eda26df39f3793f28e5b5b537655b3ef678456b3f93dc41a3ac4dd5e650d887e

  • SHA512

    9f14663d4c56ebbe2d9b77f633fbece8e2401729f1df22ee279fb814b0272b6607762c2d415310bce5c5c153bce383b0a4a01d9ac508e058e4b404676f5fb8f2

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.147/rostov/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1892-69-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections