Overview

overview

10

Static

static

10

1516-72-0x...ry.exe

windows7-x64

1

1516-72-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1516-72-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    5ea92c9c1b93cb883c1e6f10511f44d7

  • SHA1

    adf754fee836849f380d9d99598aefbc807dcb92

  • SHA256

    2d5ecc52ed9b0d4b742fe08495b6897ab7126aa97acbc8f93bfa4f500b64e8f6

  • SHA512

    0cf30d793cf43fbd8895a847b171f9027a81ad38f4aa85249484beee0b028ceb6a59ca3ff2b9cda5fd4b4df7315ce5991a6cee2e468eed3445e25585d77db10d

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://s603740.smrtp.ru/Panel/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1516-72-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections