General
-
Target
18b7250e7d937938416cc206934da3cd84324802fc34fcd8f8d5b1bc6dbf684b.exe
-
Size
96KB
-
MD5
659a80455fd775588eb78ceda157f9d8
-
SHA1
9c3508ac928b3c6158dc7d72e7742d988da8cf3c
-
SHA256
18b7250e7d937938416cc206934da3cd84324802fc34fcd8f8d5b1bc6dbf684b
-
SHA512
ed6e3a0e70577b959d9f5dbab94a4de15a3cfedf78522f9631bff9946c5bd2dd0e3dc68bfd555158c47a54e6711bb0910004f94bfb8100f789930b7c4d3be7ed
-
SSDEEP
1536:6zvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqcIzmd:hSHIG6mQwGmfOQd8YhY0/E1UG
Score
10/10
Malware Config
Extracted
Family
lokibot
C2
http://45.61.137.215/index.php/3b1tenbkyj
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Signatures
-
Lokibot family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
18b7250e7d937938416cc206934da3cd84324802fc34fcd8f8d5b1bc6dbf684b.exe
0239fd611af3d0e9b0c46c5837c80e09
Headers
Imports
Sections