General
-
Target
1144-64-0x00000000004139DE-mapping.dmp
-
Size
752KB
-
MD5
66a0cc57c2fe3073e5764eac9f88e5d6
-
SHA1
ebedd5647a65bce4d833763e94948724eb8fc4c0
-
SHA256
4ac2f4b3edc81019b709f9407af3b6a1e723f207ae009adb70aa4685515c47f8
-
SHA512
3205478c4e52283d4742f2e9239a95f351f46310f7cbfb9bed9fb13560cd0c58892217f57464dc0281768508b19cad0753643f73e41ffb2b13a43215ca664f0b
-
SSDEEP
3072:oSHIG6mQwGmfOQd8YhY0/EqUGWSHIG6mQwGmfOQd8YhY0/ENUG7:ocd6bUfFdXThUXcd6bUfFdXT6U6
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://31.220.40.22/~lahtipre/lenzman/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
1144-64-0x00000000004139DE-mapping.dmp