General
-
Target
2000-88-0x0000000000400000-0x00000000004A2000-memory.dmp
-
Size
648KB
-
MD5
eefc2faf8f5256d9b6af57245758514e
-
SHA1
ed74372d10296030c64a41e9e5056bcfc5101890
-
SHA256
99f124afdad3a0555410cb5342c299504b5db2a522efd14ae896430003f79a95
-
SHA512
4b57552f9ae20fa5199b9208978ef7a57fd0a0df8ea76ecfb784e949ba04e83a2e48da5a5825d6c0bc84c38bee670bdbbdb7ebb4de9318291618bb90d2a11a59
-
SSDEEP
1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/Eq+Izmd:nSHIG6mQwGmfOQd8YhY0/E/UG
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://208.67.105.148/blessedjay/five/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
2000-88-0x0000000000400000-0x00000000004A2000-memory.dmp
Headers
Sections