Overview

overview

10

Static

static

10

552-67-0x0...ry.exe

windows7-x64

1

552-67-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    552-67-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • Sample

    230119-rxk4qsgc38

  • MD5

    fd76f7524153ba4d4f069ef7d92e9a9c

  • SHA1

    e775158dd978e2f816664ee8550ad9ffe46e4cbd

  • SHA256

    8a8e886730dc9ccfd36809f86a21fa1b5581a3a95003166071d0b810342d40d7

  • SHA512

    a4c62b7d5ce151965246d71ec6e6b09f4482ef97657de5196e2ca9794515fff138a9230076d35760300e2cb70c23540abd0ab28b011495bffafc37b8b148db0c

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/Eq/Izmd:nSHIG6mQwGmfOQd8YhY0/EyUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.147/cody/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      552-67-0x0000000000400000-0x00000000004A2000-memory.dmp

    • Size

      648KB

    • MD5

      fd76f7524153ba4d4f069ef7d92e9a9c

    • SHA1

      e775158dd978e2f816664ee8550ad9ffe46e4cbd

    • SHA256

      8a8e886730dc9ccfd36809f86a21fa1b5581a3a95003166071d0b810342d40d7

    • SHA512

      a4c62b7d5ce151965246d71ec6e6b09f4482ef97657de5196e2ca9794515fff138a9230076d35760300e2cb70c23540abd0ab28b011495bffafc37b8b148db0c

    • SSDEEP

      1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/Eq/Izmd:nSHIG6mQwGmfOQd8YhY0/EyUG

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks