General
-
Target
1040-69-0x00000000004139DE-mapping.dmp
-
Size
752KB
-
MD5
7119415de31a5a6e9798c60904da67fb
-
SHA1
8a2cd6da944a4c8eaacb74c899cf4af406f36e48
-
SHA256
11235f2ad84062e7e894b9d677ec671462003b4becfd46fc4c1e9f8ad5e338b7
-
SHA512
f725491e4477bd4b5c1f65ac23b85cd28273785e0a0694be4e9d4d48960ea96aa7d27f2790c0bbda5ba3c9ee931c9cc09c46d973a0e51925fbc1c2eb940b4352
-
SSDEEP
3072:4SHIG6mQwGmfOQd8YhY0/EyUGJSHIG6mQwGmfOQd8YhY0/E1UGJ:4cd6bUfFdXTZUwcd6bUfFdXTiUc
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://171.22.30.147/kelly/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
1040-69-0x00000000004139DE-mapping.dmp