Overview

overview

10

Static

static

10

fa7736ddc7...5d.exe

windows7-x64

1

fa7736ddc7...5d.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fa7736ddc7e2eafe1109078590c85f33f474d7e670a154515e3c44d15091f15d

  • Size

    648KB

  • MD5

    dd438d7a780d9005febf7a2b65795b13

  • SHA1

    1f66c54a11d1c3ef60401f79d678d346c9ac78ad

  • SHA256

    fa7736ddc7e2eafe1109078590c85f33f474d7e670a154515e3c44d15091f15d

  • SHA512

    0e97b9f82bf0e8cfa3d996543b79b836ea0c5c5fb6fa4f402ca7a4ac63dc63e5b75c21777a12459152f7a1cd2847739654b07233e2c7e2883e2effc05ce9fc74

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqfIzmd:nSHIG6mQwGmfOQd8YhY0/EqUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://overclockingmachines.info/bally/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
    lokibot
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • fa7736ddc7e2eafe1109078590c85f33f474d7e670a154515e3c44d15091f15d
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections