Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1472-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    f08fd73d5a47952c593ba1dca72a9686

  • SHA1

    ca19332e3e4f938e8311398faa902787a11d6ce8

  • SHA256

    896de9dcca5ec92a991ae8feb780f021e8baaaea488f7b2f65cf249c1d0a27b6

  • SHA512

    07a937ddee487cb29a93e4c18faf7b616ed8b47fe932ca12ae96c84277ef087a1a67ec94b2088d8aed99ffa80d19d703a39c042785315127d8ecc8dccdb59809

  • SSDEEP

    3072:oSHIG6mQwGmfOQd8YhY0/EsUG0SHIG6mQwGmfOQd8YhY0/EnUGt:ocd6bUfFdXTDUZcd6bUfFdXT8UE

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.147/gk1/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1472-69-0x00000000004139DE-mapping.dmp