lokibot | 2876-69-0x0000000000400000-0x00000000004A2000-memory[.]dmp

General

Target

2876-69-0x0000000000400000-0x00000000004A2000-memory.dmp
Size

648KB
MD5

b740b1ba48ad3f9b3df07c8004e57eda
SHA1

9b95c8c6ffd92ab319043a1f81a29cf51b33d860
SHA256

2de0e585b3b5e190b4d4e825104f8709bdc29f56c864fbca154bcef04b9fe2c7
SHA512

f726a0f71208281ef4f1a62c87df960a402163702a7e4554ea781abb54a9b1dcb0da79f07d0cf7d72d0c2d8bd9f751cabae3a8a8547d7f8f5345e90f0365fbff
SSDEEP

1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score

10^/10

lokibot

Family

lokibot

C2

http://216.128.145.196/~wellseconds/?p=236353075

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2876-69-0x0000000000400000-0x00000000004A2000-memory.dmp