Overview

overview

10

Static

static

10

a79236b40d...1N.exe

windows7-x64

1

a79236b40d...1N.exe

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a79236b40db7333b042cf5090d80fe0964a6cf54661e05df343e570f6b424391N.exe

  • Size

    648KB

  • MD5

    6bd8a599619c9697a57cd60b0f7157b0

  • SHA1

    0923a839834913a82a1c0a5e68d3c0d1706b3fc5

  • SHA256

    a79236b40db7333b042cf5090d80fe0964a6cf54661e05df343e570f6b424391

  • SHA512

    df6d8734f76e55fa08a898c7bef1cff92cddf4bc61c69c4d8e347ef638e2b4effc925b19e6422250235e68aaea32b16d6134019880e552717aa2e113b1a5bbf5

  • SSDEEP

    1536:czvQSZpGS4/31A6mQgL2eYCGDwRcMkVQd8YhY0/EqaIzmd:nSHIG6mQwGmfOQd8YhY0/ErUG

Score
10/10
lokibot

Malware Config

Extracted

Family

lokibot

C2

http://alimatata.topendpower.top/_errorpages/alimatata/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Signatures

  • Lokibot family
    lokibot
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • a79236b40db7333b042cf5090d80fe0964a6cf54661e05df343e570f6b424391N.exe
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections