General
-
Target
1648-69-0x00000000004139DE-mapping.dmp
-
Size
752KB
-
MD5
70dde65f57f2dc5ded41374d8717a14c
-
SHA1
6756d2e71da30115a12e5e3051386f1950a50924
-
SHA256
32e7e993a9cb46dfebc487ec7a8278da6581cd06affde5964a32762b4830d455
-
SHA512
0a52cae710f7fc6b25f2fc818ddc2dcf103b1256a5c16b6c324e8900bf80957faea7426721a10be3d899198bec2eba2716535370bbe976a076acb9360d9d1bd5
-
SSDEEP
3072:MSHIG6mQwGmfOQd8YhY0/EqUGaSHIG6mQwGmfOQd8YhY0/E6UGb:Mcd6bUfFdXThUPcd6bUfFdXT9Um
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://208.67.105.148/osburn/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
1648-69-0x00000000004139DE-mapping.dmp