General
Target
1344-68-0x00000000004139DE-mapping.dmp
Size
752KB
MD5
6d6e23cc76763722b130dcdafead46c3
SHA1
a16370d1a2e84eaa438328835eb7f195ecb61aae
SHA256
d0e11b83e470580d44efb1dd3bdb367a7856c2317db915d0c55c0907b621800b
SHA512
fd30c9f8752ca939a92f689d8a2680fc9f82e698ff48118e01dd459d4f5563dfb0aabf14ac7b05d9151a067122a9c2891748776467bb3950dd953ab3a2dfe743
SSDEEP
3072:MSHIG6mQwGmfOQd8YhY0/E5UGuSHIG6mQwGmfOQd8YhY0/EuUG/:Mcd6bUfFdXTCUDcd6bUfFdXTJUm
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://185.227.139.18/dsaicosaicasdi.php/bI7xvNbnxScDp
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
Lokibot family
Files
1344-68-0x00000000004139DE-mapping.dmp