Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

1940-74-0x...ry.exe

windows7-x64

1

1940-74-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1940-74-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • Sample

    230330-hadlpsbc29

  • MD5

    88e89c25690501d757793b011590b3fd

  • SHA1

    c2b0d1396c27c00ad763da2ab769ab177e79ee99

  • SHA256

    e8e131c6ffc90f658550f53a2eb393c038e47fd7bfed51f2df7f3f857e4156e7

  • SHA512

    18bfd20aa7844dcd28cf415b159c9d67868ecfbd6e09a20827044276dd77f9601813631cfbdac4772557a158f6fa718c2a589fdc84c27f3afdc0952e6a2edb5a

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.147/seth2/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      1940-74-0x0000000000400000-0x00000000004A2000-memory.dmp

    • Size

      648KB

    • MD5

      88e89c25690501d757793b011590b3fd

    • SHA1

      c2b0d1396c27c00ad763da2ab769ab177e79ee99

    • SHA256

      e8e131c6ffc90f658550f53a2eb393c038e47fd7bfed51f2df7f3f857e4156e7

    • SHA512

      18bfd20aa7844dcd28cf415b159c9d67868ecfbd6e09a20827044276dd77f9601813631cfbdac4772557a158f6fa718c2a589fdc84c27f3afdc0952e6a2edb5a

    • SSDEEP

      1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks