Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1648-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    1500f3bfe299c47b875744eec1288370

  • SHA1

    a201a001918c4ee3a116bc4b8c91c2fbe25127f5

  • SHA256

    fe558b689391796dd53d1480c06aeb8938b5d6ec9db8b7e1bffd510f89638c44

  • SHA512

    a6679dd44e156ac7e73a77373c71c205197ad6eec683880f4d02356ce69dd1a9fb53e4ea8062bc76d60497b9fab9e0a594fbfdfdddff662cc5badf10744221ef

  • SSDEEP

    3072:sSHIG6mQwGmfOQd8YhY0/EqUGuSHIG6mQwGmfOQd8YhY0/ENUGD:scd6bUfFdXThUzcd6bUfFdXT6UG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.147/gk1/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1648-69-0x00000000004139DE-mapping.dmp