Overview

overview

10

Static

static

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    5068-134-0x0000000004850000-0x000000000486B000-memory.dmp

  • Size

    108KB

  • MD5

    ed5e1d8bf6c32e56f7e0954991f5510c

  • SHA1

    ed50c15313a839d403b1c7d6da5c565faadc9b12

  • SHA256

    7598ed667b71ac998c221101b5c182830b8f09ea6d809852b20ea405c7305f35

  • SHA512

    a01f8e3fd045b74f0d19c6b9ff600327d45e595480ffead3a9caf9549c39ed39e6431815dc1b899cc1399aaf32163c311b7f7b9bb70c2258fcf353a05f102986

  • SSDEEP

    1536:wlnD3zvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:oDMSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://208.67.105.148/mous/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 5068-134-0x0000000004850000-0x000000000486B000-memory.dmp