Overview

overview

10

Static

static

10

1616-173-0...ry.exe

windows7-x64

1

1616-173-0...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1616-173-0x0000000000400000-0x0000000000615000-memory.dmp

  • Size

    2.1MB

  • MD5

    2624b1a6f4e10d6363b3371921ef7b37

  • SHA1

    9f1587b7ec7cf7b91a26180fbd4c69efb906ab68

  • SHA256

    1785bc86310c15f70e611a2ea0ca8e8a1ac077804e82ba9d072d20ff37de180e

  • SHA512

    36b6b31d93fd8cc9fbe4793541e67d04eb80a7a9014004ade6bc8a4c5ac5ddca63662370d2a7ebac51f10f28082f98b7d8d35950e9d509f81424b036957631f9

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqAIzmd:nSHIG6mQwGmfOQd8YhY0/ENUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.147/seth2/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1616-173-0x0000000000400000-0x0000000000615000-memory.dmp
    .exe windows x86


    Headers

    Sections