General
-
Target
1252-80-0x0000000000400000-0x00000000004A2000-memory.dmp
-
Size
648KB
-
MD5
9bd4d76c33316f82ca80f789ef3ad7d0
-
SHA1
ffde0d7ebd05448ab62e3be477ba5a4bd8d8d337
-
SHA256
cd1f79ffe908344ca54a2bf9e45366acc3ee29af8d3ac9816b9790c06bbbef17
-
SHA512
03582726dae5183dd59ba95ce28ec11e86ded96b4aecbf43fa635ae2494fd319df0e1d3fa8b73c747329d58cd4591ffdf2d9010216e96a3def7e02883cc9e69c
-
SSDEEP
1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqRIzmd:nSHIG6mQwGmfOQd8YhY0/EsUG
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://185.246.220.85/davidhill/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
1252-80-0x0000000000400000-0x00000000004A2000-memory.dmp
Headers
Sections