Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    672-80-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    a07df5f9b4b76321f1c3a0da6ba42c57

  • SHA1

    97e59dae40a43da7c79115ce643e32a45c6ac116

  • SHA256

    4c49c0c02bcacd837d9922a11412aa3cf8d9c1650cccc357ff7e2660646b62df

  • SHA512

    f604a495e6501d003b0e8c7386aeef7441c3eab4bc4431a45ab97442469c60a40fc672305a5d18e5d905cfcf7bbc649f0d6902b85dba32ae2ca719855d27cb83

  • SSDEEP

    3072:MSHIG6mQwGmfOQd8YhY0/EqUGiSHIG6mQwGmfOQd8YhY0/E4UGo:Mcd6bUfFdXThUHcd6bUfFdXT/UZ

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.164/kung/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 672-80-0x00000000004139DE-mapping.dmp