General
-
Target
1684-69-0x00000000004139DE-mapping.dmp
-
Size
752KB
-
MD5
a30bddb84cc24f76b526ed7f0287751a
-
SHA1
2e26bce347f08bf27b068e612e599f57aef6aa3e
-
SHA256
c576444e23f9f957051de3d1016c2e25a9bfe6db36ab4e9ce557dc2f206bde6b
-
SHA512
add822370b2ec00c9120a1e28177da04d56b0dad480c6e8714f67433c0a74453dc45e824432e42d27b84416c80eae0c3823cd9383f7cc8439e00c0c54d388954
-
SSDEEP
3072:oSHIG6mQwGmfOQd8YhY0/EqUGaSHIG6mQwGmfOQd8YhY0/ENUGb:ocd6bUfFdXThUPcd6bUfFdXT6Um
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://208.67.105.148/osburn/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
1684-69-0x00000000004139DE-mapping.dmp