Overview

overview

10

Static

static

10

268-69-0x0...ry.exe

windows7-x64

1

268-69-0x0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    268-69-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    f56e8b755312fb20d8ccdcf8e67de373

  • SHA1

    d9ca8ff1e273f467e25a4ee09d16f3461168d8ee

  • SHA256

    d0a0f287e4d255ba6840bdcff458117bf0a953edd43716e7adcfa1087693beda

  • SHA512

    1733124b49b20508232643318addc37389be4a71261c8b0e0e80070d4ae891394d532c8a10e49eb7f231e59db40736861eef3ad4f9681f546cddfa93128fe8a2

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

https://sempersim.su/ha13/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 268-69-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections