Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1328-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    77873366117a720b8d859b7546e53455

  • SHA1

    d7efbea56cc9ba55481ea34327a3a8f0d2fed9fb

  • SHA256

    9db5443bc3bb09734bd366c216d417343bd7b2967f7bad548ffc43d0ac91dc39

  • SHA512

    c122b798a7ae2fd2202d62d16dcb2825f9d5bc126429bf5896800d3d763dea4b75a9e409047922fd4e710bc145ee26328ed58d4260a53f364a2f5f8381bc6fa8

  • SSDEEP

    3072:MSHIG6mQwGmfOQd8YhY0/EqUGqSHIG6mQwGmfOQd8YhY0/EOUGj:Mcd6bUfFdXThUbcd6bUfFdXT1U6

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://208.67.105.162/workshop/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1328-69-0x00000000004139DE-mapping.dmp