Overview

overview

10

Static

static

10

2700-11-0x...ry.exe

windows7-x64

1

2700-11-0x...ry.exe

windows10-2004-x64

3

Sharing

Copy URL Twitter E-mail

General

  • Target

    2700-11-0x0000000000400000-0x00000000004A2000-memory.dmp

  • Size

    648KB

  • MD5

    f412f4817379cf07c4716d5577563563

  • SHA1

    134a340f80a4bd545112ebdeddb95297fe873068

  • SHA256

    453272b02d09239dc2bdf4232dbb8bfee0e4113b8b647df189983348c64f4b7b

  • SHA512

    c4cb51444a0152cc6c18555922c40d5b4cdcbb8bb6e4eac1ea71f870f0aaefd0185aec6fa61388ca7534cacf0c7823b7c0d6a3a76eaa2dc6f9ac0e0dda682c62

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://sempersim.su/c3/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
    lokibot
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2700-11-0x0000000000400000-0x00000000004A2000-memory.dmp
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections