Overview

overview

10

Static

static

10

1384-89-0x...ry.exe

windows7-x64

1

1384-89-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    1384-89-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • Sample

    230605-smxv8ahc75

  • MD5

    a27bab0fbe4d1463522aca710e53d10c

  • SHA1

    be3647094a7e7757016e31611203eefe94842dbf

  • SHA256

    d30688da40ace4035282d149d958b8fbea576c68afb45a53e4d1eddb26ece3ae

  • SHA512

    91760a034492c7b98c58566ec44b1a4f72885cce2fa766034aeca05b59edc2c2be0562683bc2c4d6f9ac374b96f239fec38f8396f86b2e451ba96d759bf45c1f

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqHIzmd:nSHIG6mQwGmfOQd8YhY0/ESUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://185.246.220.85/line/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      1384-89-0x0000000000400000-0x00000000004A2000-memory.dmp

    • Size

      648KB

    • MD5

      a27bab0fbe4d1463522aca710e53d10c

    • SHA1

      be3647094a7e7757016e31611203eefe94842dbf

    • SHA256

      d30688da40ace4035282d149d958b8fbea576c68afb45a53e4d1eddb26ece3ae

    • SHA512

      91760a034492c7b98c58566ec44b1a4f72885cce2fa766034aeca05b59edc2c2be0562683bc2c4d6f9ac374b96f239fec38f8396f86b2e451ba96d759bf45c1f

    • SSDEEP

      1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqHIzmd:nSHIG6mQwGmfOQd8YhY0/ESUG

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks