Overview

overview

10

Static

static

10

1332-67-0x...ry.exe

windows7-x64

1

1332-67-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1332-67-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    90ae93bcb4335233b8268bc3179843a1

  • SHA1

    526e9736007aeabb5562a60e24acfdb3cc2ce5da

  • SHA256

    f7b010d90b14ab0853d85bfab31dd0d773a622922ca18a7552dd20ecc5be46c6

  • SHA512

    ec175f6c24d551b5d90ffbc01fe34b88960b6f10947191e183f76344ef2280b265d0dc34ea46e3c758018e7b6b897904ad42fe596fdfd03510e3b172305f7b33

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/Eq9Izmd:nSHIG6mQwGmfOQd8YhY0/EIUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

https://sempersim.su/ha12/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1332-67-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections