General

  • Target

    1696-55-0x00000000002A0000-0x00000000002BB000-memory.dmp

  • Size

    108KB

  • MD5

    94575482c41ca4af8713147cd25666f2

  • SHA1

    5eed6b9c4fe8b7c7ec24ee955f7151bb829b0f23

  • SHA256

    324297132f52548ebc16495e2d37f680bebc5223672c82341e49445b6b009a22

  • SHA512

    7f0442c6eca7c0586a0c7286a03a181db37c0e7084e91b4f0c7f666f67e0998c7dbdecf2349489011037efb438e24b9a85311d27b3700c51abd247481e2d9d10

  • SSDEEP

    1536:wl+D3zvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:dDMSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10

Malware Config

Extracted

Family

lokibot

C2

http://208.67.105.148/ok/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Files

  • 1696-55-0x00000000002A0000-0x00000000002BB000-memory.dmp