General
-
Target
668-66-0x0000000000400000-0x00000000004A2000-memory.dmp
-
Size
648KB
-
MD5
e1e08178c87b3288e35ce5319f3e132b
-
SHA1
bf9c1cb9e44a5a0b4c3aca9186d4a05670fbb7be
-
SHA256
07dd66bbc79473da91464fc57733a295baac4594fec8bb6b4010b07445b40c42
-
SHA512
fa5a7d0c36ac1e4a348846377604801b91665e4d217035f0e9419f60befaf67c952f3d3c9ccdafdbcd5fca90ac72852282adbf4d9bd96f6f1104e7ff893c4e9c
-
SSDEEP
1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqaIzmd:nSHIG6mQwGmfOQd8YhY0/EfUG
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://sempersim.su/gm13/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
668-66-0x0000000000400000-0x00000000004A2000-memory.dmp
Headers
Sections