lokibot | 1632-55-0x00000000003B0000-0x00000000003CB000-memory[.]dmp | Triage

Submit
Reports

Overview

overview

Static

static

1632-55-0x...ry.dmp

windows11-21h2-x64

3

Resubmissions

05/03/2024, 19:20

240305-x2hgasfh39 10

05/03/2024, 19:08

240305-xtm2taff36 10

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1632-55-0x00000000003B0000-0x00000000003CB000-memory.dmp

Resource

win11-20240221-en

windows11-21h2-x64

3 signatures

1800 seconds

General

Target

1632-55-0x00000000003B0000-0x00000000003CB000-memory.dmp
Size

108KB
MD5

424ad01010cf6d9f30f129e296f35606
SHA1

c170ecd2eb55515720225441dc4caf6f0117200e
SHA256

d4129046064777946bd88817470d8a2df036f35ec3fca857e9c0e8051543bc61
SHA512

8dfce8d96e2203ca721fc13b503022b724590cdcdcdd40f28425918bbd370aa443064c5992fa726067e4614732f4ca7569dd50d0865622527ead3c0d9177fa80
SSDEEP

1536:wl1D3zvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:GDMSHIG6mQwGmfOQd8YhY0/EqUG

Score

10^/10

lokibot

Malware Config

Extracted

Family

lokibot

C2

http://185.246.220.85/fresh/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

Lokibot family
lokibot

Files

1632-55-0x00000000003B0000-0x00000000003CB000-memory.dmp

© 2018-2025

Terms | Privacy