Overview

overview

10

Static

static

10

1720-68-0x...ry.exe

windows7-x64

1

1720-68-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1720-68-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • Sample

    221129-tj6jmadf59

  • MD5

    86c2de3e0baf15e723bfafef5eb9e056

  • SHA1

    2567d00a5c8f2d7755aa38705479bfbbbfe8b075

  • SHA256

    ba8cb4c0fd9ca30ba9537886105728b5be7a41dc4cc0163ef8b65cabe272e037

  • SHA512

    604ab7217b8275cf0a242fdb826311a4f8bcb4a4761a47a9b4c51c22c9e12247d944a4e1a666a52ce2691fa29ff4c1769c13d3306f5fdccd3c5cc79f47ca2d30

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://208.67.105.148/ser/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      1720-68-0x0000000000400000-0x00000000004A2000-memory.dmp

    • Size

      648KB

    • MD5

      86c2de3e0baf15e723bfafef5eb9e056

    • SHA1

      2567d00a5c8f2d7755aa38705479bfbbbfe8b075

    • SHA256

      ba8cb4c0fd9ca30ba9537886105728b5be7a41dc4cc0163ef8b65cabe272e037

    • SHA512

      604ab7217b8275cf0a242fdb826311a4f8bcb4a4761a47a9b4c51c22c9e12247d944a4e1a666a52ce2691fa29ff4c1769c13d3306f5fdccd3c5cc79f47ca2d30

    • SSDEEP

      1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks