General
Target
800-81-0x00000000004139DE-mapping.dmp
Size
752KB
MD5
43ece7edb8d14b96e718280bfc01b135
SHA1
30127449eff797b94d672af05ebfb1d990a9fbee
SHA256
4c8fd69946c74814140b83b5c1f3bc85c55fd8e62fb481d40b41eb7f348f013f
SHA512
5cc62ed47e59e43b1e29ca2693957a1bcd991b9bc6b6e9dc430b941517481ac97c18a2c96bdbdf2c0dd48b7328f38e50a273d86f5b40e7eb1f8b19e5b93010b2
SSDEEP
3072:oSHIG6mQwGmfOQd8YhY0/EOUGVSHIG6mQwGmfOQd8YhY0/EpUGz:ocd6bUfFdXTVU4cd6bUfFdXTeUu
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
https://sempersim.su/ha13/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
Lokibot family
Files
800-81-0x00000000004139DE-mapping.dmp