Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    1096-69-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    4e4dba233b8f9442a6f4fd74612adce8

  • SHA1

    886a3524c203acf54bcd7633c5e4c1eb1d250b21

  • SHA256

    6473e4b89c946a2672f68ffbb35b1a1bde2b2187c75bf079691964cc8ad3d623

  • SHA512

    cfff6fbc7c8928d66e81d34312de5de1871844b8d71955579f8aeefc2390ff03742db3367df0a04de4ca2fc7d8fb09dfd564896a5bea02c10ad6f4b02fb05f31

  • SSDEEP

    3072:MSHIG6mQwGmfOQd8YhY0/EqUGgSHIG6mQwGmfOQd8YhY0/ENUGJ:Mcd6bUfFdXThUhcd6bUfFdXT6U4

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.164/yan/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1096-69-0x00000000004139DE-mapping.dmp