General
-
Target
652-68-0x0000000000400000-0x00000000004A2000-memory.dmp
-
Size
648KB
-
MD5
857dbe570d6e784c08d3e9306d67ba63
-
SHA1
d9d7d2549f03ee1e8628acf1170b04861800126c
-
SHA256
88c3e4a1c9d051433bf0c0febc7e71053e8cc99c289822b2e3dc903a0d6a2873
-
SHA512
837c58f604cf39939e34eabc3e7f16e5f67ab8ba25d6a2899b1fce42f7c453e9ef67a11aa8d091404b5f586e863e8734fbff72b663933ee3d7c66ce3de8dc120
-
SSDEEP
1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
https://sempersim.su/ha15/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
Files
-
652-68-0x0000000000400000-0x00000000004A2000-memory.dmp
Headers
Sections