General
-
Target
1828-67-0x0000000000400000-0x00000000004A2000-memory.dmp
-
Size
648KB
-
MD5
474256ce9739bfbe24bfa339de4b0d8f
-
SHA1
e54449265805a48dbafeddd02b1ad9861448c429
-
SHA256
7233725f372354c7f56492befa6d41bfa3b8a590501096ab20cfef1d6a77809e
-
SHA512
d46a6a9565a624b5d4400198b62c92f2392618f03ff3f12c89efffc7b0886eff10552b9fe0c860edf2a5640d7b62db4d7f5e771807cb3874f0bed857b4d5fe8f
-
SSDEEP
1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqSIzmd:nSHIG6mQwGmfOQd8YhY0/ELUG
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://185.246.220.85/bally/five/fre,php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
1828-67-0x0000000000400000-0x00000000004A2000-memory.dmp
Headers
Sections