Overview

overview

10

Static

static

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    472-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    760d2227b89d4c91d7fb6d6a68bad88f

  • SHA1

    88ce5e3b07076036cebda51929c6c9fa132cf429

  • SHA256

    cbf1374a91f165cffca66d609dd2fa6b265bd53c636651f3b8c5c1b487d03841

  • SHA512

    33b98748399e6177fac90ead5d12c3f1fd599ee08ec208bf86f2f131426bff55172db9c3e505ea750366521f014ca0bb96d9d5ccb7f114368b70b679bcc36278

  • SSDEEP

    3072:MSHIG6mQwGmfOQd8YhY0/EqUGuSHIG6mQwGmfOQd8YhY0/E/UGD:Mcd6bUfFdXThUzcd6bUfFdXTcUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.147/gk1/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 472-69-0x00000000004139DE-mapping.dmp