Overview

overview

10

Static

static

10

dridex

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    b744bae65129d2d9980029a4d55b4552c79a28a5afa89b48e0a383b96078231a

  • Size

    104KB

  • MD5

    fa2f3757fc80781a717cebf54ed81962

  • SHA1

    c5bf1799bb004d8dade0f29fb7ee4bf75836bb9d

  • SHA256

    b744bae65129d2d9980029a4d55b4552c79a28a5afa89b48e0a383b96078231a

  • SHA512

    67862d5c9d59bda356145b965f6d2d767a985fdf86c661afd769ceddd54ef43895d26ff11acdc4e89ae171e09cf75bbd96757db6f1f8c63799eed6fe91a32d23

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://194.180.48.58/ok/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
    lokibot
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • b744bae65129d2d9980029a4d55b4552c79a28a5afa89b48e0a383b96078231a
    .exe windows x86

    0239fd611af3d0e9b0c46c5837c80e09


    Headers

    Imports

    Sections