Overview

overview

10

Static

static

10

1640-67-0x...ry.exe

windows7-x64

1

1640-67-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1640-67-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    34edf07b639538fc640fc13cba3d4ac9

  • SHA1

    15a979b0da9f27a877855398ca3e4b636194dfe5

  • SHA256

    3e3cf4565cbd050433b5bb88620ded543246fc2fd8fdf11370d5a5255e22f7cb

  • SHA512

    8d2f746dae040e6051604c56372354271c4417356985c9ea580f8b898b474089e3913a5dac92c8904d27a10620c9b17fcf41ac380e1f8217c0809153c92d9d44

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://63.250.44.84/cpanel.php?id=9121742233699953438204256259151063147460

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1640-67-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections