Overview

overview

10

Static

static

10

4924-134-0...ry.exe

windows7-x64

4924-134-0...ry.exe

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4924-134-0x0000000000400000-0x000000000068E000-memory.dmp

  • Size

    2.6MB

  • Sample

    230204-3jhl8sad6s

  • MD5

    4c5502b64b31a81fb485a97930fd968e

  • SHA1

    1db6bfb777d0a41c2db8b2fa1c78d3e67f69521d

  • SHA256

    34ecef4d608d488bc98746e351631259c84cae3725b51abbfbb8b0cf60a180d0

  • SHA512

    1a8ab3265093560b53e93dec026628c7d9150ec171b43c22696754e912f56d9129c04f24a7814dcb793c735b189387ae80544c1e5247e0a348e01ec78188ff22

  • SSDEEP

    49152:RYDCR/+vZiNawzi2CWgglVb4Fb8xxlyipaNuKh5M:aGRWvZiIw22CWgwEGV9ay

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      4924-134-0x0000000000400000-0x000000000068E000-memory.dmp

    • Size

      2.6MB

    • MD5

      4c5502b64b31a81fb485a97930fd968e

    • SHA1

      1db6bfb777d0a41c2db8b2fa1c78d3e67f69521d

    • SHA256

      34ecef4d608d488bc98746e351631259c84cae3725b51abbfbb8b0cf60a180d0

    • SHA512

      1a8ab3265093560b53e93dec026628c7d9150ec171b43c22696754e912f56d9129c04f24a7814dcb793c735b189387ae80544c1e5247e0a348e01ec78188ff22

    • SSDEEP

      49152:RYDCR/+vZiNawzi2CWgglVb4Fb8xxlyipaNuKh5M:aGRWvZiIw22CWgwEGV9ay

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks