Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1292-81-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    1276a69ab547c4522f7fdb3f0ea9778d

  • SHA1

    e026d93135ac6e4ab0da93d0e944b8cef265922b

  • SHA256

    d2fc42215ad443c79e509a1c07356ff7034c9270da16aabe07c5536a8a0c890c

  • SHA512

    ab1b2bb092948739d974207287863b55bf8beb8527c319e71ba5cd252b629f22e3e3aac7caba49e7b1034308e2b3dbe944b3fea643f9e83fe9dac1ee24fe3a7f

  • SSDEEP

    3072:MSHIG6mQwGmfOQd8YhY0/EqUGnSHIG6mQwGmfOQd8YhY0/ENUG6:Mcd6bUfFdXThUWcd6bUfFdXT6Uz

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://sempersim.su/gm5/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1292-81-0x00000000004139DE-mapping.dmp