Overview

overview

10

Static

static

10

1208-75-0x...ry.exe

windows7-x64

1

1208-75-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1208-75-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    811926fb3720fbb188d460945d6075c1

  • SHA1

    78c5358ac59be4fcdfceca7d54a42394e45ced2e

  • SHA256

    ffd59089bab4050b16fddd064f897e0ccc691a97a2b25d3f378b87548f8bfd94

  • SHA512

    bdf1a6df753373b82d7f61d059d0e93f7223c791db3d0ac26d85bc3fb221164fd398a12aafe3ffb4f52b5556560e1caf4ed614b0c30174ec227fc159e15590f0

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EyUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.164/kelly/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1208-75-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections