General

  • Target

    1344-68-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    6d6e23cc76763722b130dcdafead46c3

  • SHA1

    a16370d1a2e84eaa438328835eb7f195ecb61aae

  • SHA256

    d0e11b83e470580d44efb1dd3bdb367a7856c2317db915d0c55c0907b621800b

  • SHA512

    fd30c9f8752ca939a92f689d8a2680fc9f82e698ff48118e01dd459d4f5563dfb0aabf14ac7b05d9151a067122a9c2891748776467bb3950dd953ab3a2dfe743

  • SSDEEP

    3072:MSHIG6mQwGmfOQd8YhY0/E5UGuSHIG6mQwGmfOQd8YhY0/EuUG/:Mcd6bUfFdXTCUDcd6bUfFdXTJUm

Score
10/10

Malware Config

Extracted

Family

lokibot

C2

http://185.227.139.18/dsaicosaicasdi.php/bI7xvNbnxScDp

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1344-68-0x00000000004139DE-mapping.dmp