Overview

overview

10

Static

static

10

1688453525...ed.exe

windows7-x64

10

1688453525...ed.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    168845352544c3e5b8c3427e93fbbff7183b6f8688fde8a940a497643deb1b2c774ef775ad972.dat-decoded.exe

  • Size

    104KB

  • MD5

    dd2356cda7dfdba0ea127426f9288623

  • SHA1

    21474976e7c0ec2139a63a2a7ccb4530ae9fec73

  • SHA256

    94e8b74d1f6b6dfb6c82be4cd089f667092ddbbbffdbdbd59ea56f2b38c46397

  • SHA512

    8aecb2c04ebfc8e0ab7083e80a90a61e4ca096d4bdcdb14acd4f6614575830b95912c4fa7f20b94b7e2bca972dd29047936a46ac1fdc4c340d8d3d44a427981c

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://tetiquila.me/sirmomo/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
    lokibot
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 168845352544c3e5b8c3427e93fbbff7183b6f8688fde8a940a497643deb1b2c774ef775ad972.dat-decoded.exe
    .exe windows x86

    0239fd611af3d0e9b0c46c5837c80e09


    Headers

    Imports

    Sections