Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1544-81-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    c918a7d0bdb4b05461a0081f0aac1157

  • SHA1

    59b7782290499fe548596a04bb56ff792aa6f382

  • SHA256

    3ce618a48fd09ef79256d19c7914e46a13a88e9eca1d5093996ebc22505d485a

  • SHA512

    1bb0be4bcd77363ea72e6039ae058ae84375993ba6f754d893c3e19f2d516de961edfd5cfe299646a8e1807eedd93188e012fb1fb13111a31cea5a29809edd63

  • SSDEEP

    3072:oSHIG6mQwGmfOQd8YhY0/EqUGTSHIG6mQwGmfOQd8YhY0/ExUGK:ocd6bUfFdXThUWcd6bUfFdXTyUv

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.164/kung/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1544-81-0x00000000004139DE-mapping.dmp