Overview

overview

10

Static

static

10

560-77-0x0...ry.exe

windows7-x64

1

560-77-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    560-77-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    6d7666b08ab2dd6c6fb680f7800b1b2e

  • SHA1

    0bffc43feeea23172ce95c2ac1b043526bf1a08a

  • SHA256

    6787b31741a75a40f2b461195516a05f3d37a00184f8e5f2bf65f1049ede1aaa

  • SHA512

    c7965870872c682e27a2c849698552d1dc6c7c0338e55a194296dccc808e108311a422b29c97c1ba56f79e744e3043119b9da0aa73e64210f72b80a8622bb279

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqCIzmd:nSHIG6mQwGmfOQd8YhY0/EHUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://208.67.105.162/soft/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 560-77-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections