General
-
Target
620-72-0x00000000004139DE-mapping.dmp
-
Size
752KB
-
MD5
8fdfcc0817d74725718881340cbedc7e
-
SHA1
c8a29f92efc09deb787e6fb3e5ff0c0eaabcf439
-
SHA256
99953590488fb552e05b97857ea96d59e0ea376ea468ec4eb4eb5eaffc61007c
-
SHA512
1681c73b3269dca3f61d7255d85c65fb9f1008b87917599caa14a86f208cbc1015116843bc79462021138b46e52fa36cc6eb9a18f6ff4f7a6eb94c731a95685a
-
SSDEEP
3072:oSHIG6mQwGmfOQd8YhY0/EqUGpSHIG6mQwGmfOQd8YhY0/ENUGI:ocd6bUfFdXThUwcd6bUfFdXT6UZ
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://63.250.44.84/cpanel.php?id=0154721716286636215019717878850975448529
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
620-72-0x00000000004139DE-mapping.dmp