General

  • Target

    1648-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    70dde65f57f2dc5ded41374d8717a14c

  • SHA1

    6756d2e71da30115a12e5e3051386f1950a50924

  • SHA256

    32e7e993a9cb46dfebc487ec7a8278da6581cd06affde5964a32762b4830d455

  • SHA512

    0a52cae710f7fc6b25f2fc818ddc2dcf103b1256a5c16b6c324e8900bf80957faea7426721a10be3d899198bec2eba2716535370bbe976a076acb9360d9d1bd5

  • SSDEEP

    3072:MSHIG6mQwGmfOQd8YhY0/EqUGaSHIG6mQwGmfOQd8YhY0/E6UGb:Mcd6bUfFdXThUPcd6bUfFdXT9Um

Score
10/10

Malware Config

Extracted

  • Family

    lokibot

  • C2

    http://208.67.105.148/osburn/five/fre.php

    http://kbfvzoboss.bid/alien/fre.php

    http://alphastand.trade/alien/fre.php

    http://alphastand.win/alien/fre.php

    http://alphastand.top/alien/fre.php

Signatures

Files

  • 1648-69-0x00000000004139DE-mapping.dmp