lokibot | e69555deb53e10fac0f745beecc8a82ab43b8328df8628aa18e9dfabf2825575 | Triage

Submit
Reports

Overview

overview

Static

static

6bfd90ff3e...d0.exe

windows7_x64

6bfd90ff3e...d0.exe

windows10_x64

Sharing

General

Target

6bfd90ff3ee65b05e54934c553999e6c51fc3d8e164e5277083b82a9275fced0.zip
Size

150KB
Sample

201105-tz6nspqe3x
MD5

d0cbe77a038a5275f5bea9128ce1fe3b
SHA1

3fe9eea36e41f0a7c260fe1f3564cdcad91f7a1e
SHA256

e69555deb53e10fac0f745beecc8a82ab43b8328df8628aa18e9dfabf2825575
SHA512

f076f449bfe2939899677f018de5b37faeb1d09e1eada4b8c749c96bc17982abc3923ee9216e13e0d28a720d7263510f6e6980634c331ab9f9199e21e128cb7f

Score

10^/10

lokibot spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

6bfd90ff3ee65b05e54934c553999e6c51fc3d8e164e5277083b82a9275fced0.exe

Resource

win7v20201028

lokibot spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6bfd90ff3ee65b05e54934c553999e6c51fc3d8e164e5277083b82a9275fced0.exe

Resource

win10v20201028

lokibot spyware stealer trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  6bfd90ff3ee65b05e54934c553999e6c51fc3d8e164e5277083b82a9275fced0
- Size
  
  191KB
- MD5
  
  efa42fd9b1a578802b846a5ac33729e4
- SHA1
  
  2b55bf6507b01a11b5c05c3de7e280f2912509e1
- SHA256
  
  6bfd90ff3ee65b05e54934c553999e6c51fc3d8e164e5277083b82a9275fced0
- SHA512
  
  1ff91799d62d41ccc435e843b9e8b26b8e435706f8ab20f54797bf283df04b264138ab6ccc584753c89843b622396725accafb5b51040bf12cc61b2c1222d5f5
Score

10^/10

lokibot spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

lokibotspywarestealertrojan

behavioral2

lokibotspywarestealertrojan

© 2018-2024

Terms | Privacy