Overview

overview

10

Static

static

10

1648-69-0x...ry.exe

windows7-x64

1

1648-69-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1648-69-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    f2a1291496a896ad6d43f36a80684f80

  • SHA1

    7dcd8c2b9a723e8d86d3d72b75494212a807e409

  • SHA256

    7e19ecacdd1722d7bc00499fb0969b82f9523f9835e0d45139754afe15cb4767

  • SHA512

    f0c684ef179e34d6fb657125c503c1dd9765e5f29beea69dbd90f3ca42894e176ea45c5d7dac11a5277a10a5d4dad9cb210b6a8743aad114f001691e8a68a546

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

https://sempersim.su/hb2/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1648-69-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows x86


    Headers

    Sections