Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1508-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    af614ee780f7389c70cda5e44d8b99e7

  • SHA1

    7b089ff8945c889272b2294c06ec52070aa09671

  • SHA256

    259bcb5eb15cc16a5f1bee98630ae9e22356efc6223835dde03409416bf4cdac

  • SHA512

    8005fb7bb3a457ed27684f68f6ddd162e6d94eedaa14965586df04135be3a7ef27e1f1795f2a8d4551c11c7bd9863c697e7c3a993efabceb81fd2e444189f998

  • SSDEEP

    3072:oSHIG6mQwGmfOQd8YhY0/EqUG8SHIG6mQwGmfOQd8YhY0/ENUG1:ocd6bUfFdXThURcd6bUfFdXT6UA

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

https://sempersim.su/ha13/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1508-69-0x00000000004139DE-mapping.dmp