Overview

overview

10

Static

static

10

1388660x00...00.exe

windows7-x64

1

1388660x00...00.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1388660x00000000004000000.dmp

  • Size

    648KB

  • MD5

    7e31f8b64b67fbcdab76d694dfead62b

  • SHA1

    d91c4d85dc881fb87cd608136b13393eacfd0829

  • SHA256

    f151185707904c06d5f3bb889739b8b3b2b007f4112f5d2fc17cbf7e74fb2e5e

  • SHA512

    a2297a993c88045f0f741947add90a6bb1a7ff46a76ac10f8dffae895ecddf029e87c9cb06a5b8c775744a5d0246e83d92b79aba4ec854106f187e5a27168449

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://138.68.56.139/?p=2744

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
    lokibot
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 1388660x00000000004000000.dmp
    .exe windows x86


    Headers

    Sections