General

  • Target

    920-82-0x00000000004139DE-mapping.dmp

  • Size

    752KB

  • MD5

    a4e9e71c275500797422342ce6231c69

  • SHA1

    6119c3063dba0443f4e38fedbfcfce8204dfceec

  • SHA256

    a8036837fe4c96392096fb5ee50e6ae285d0541c300a46abf830cc91b1d19a30

  • SHA512

    48cec65201e01cd47ec3dc278962885284c12b8e54767b6381fad356fc55057582431ecfe79c5ca3fafabc48d239ba58364bbf15bc633f3eedb43e53e6af026c

  • SSDEEP

    3072:USHIG6mQwGmfOQd8YhY0/EqUGySHIG6mQwGmfOQd8YhY0/ERUGz:Ucd6bUfFdXThUPcd6bUfFdXTCUe

Score
10/10

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.147/kelly/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 920-82-0x00000000004139DE-mapping.dmp