lokibot | 957ef05564cba68f526fe7d881b3957a933b14196205f2cf6d9e287c100ab85c | Triage

Sharing

General

Target

SecuriteInfo.com.Trojan.DownLoader36.26314.8898.5357
Size

1.4MB
Sample

201204-qkpr8axeve
MD5

4047a1a03be9df604f06fdb28647891d
SHA1

1b40243a8e6a025eef866f09b7b4361b70777494
SHA256

957ef05564cba68f526fe7d881b3957a933b14196205f2cf6d9e287c100ab85c
SHA512

4bae1b68abcfa4a91c27a9f01f1a9b06336dd0e28b8fa7d6dbbc50a2d5120e7467fec564966991945ac9b6dd91321bf49e9ba92794dbff55ea094177952b06fa

Score

10^/10

lokibot spyware stealer trojan

Malware Config

Extracted

Family

lokibot

C2

http://104.223.143.21/frilt/Panel/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  SecuriteInfo.com.Trojan.DownLoader36.26314.8898.5357
- Size
  
  1.4MB
- MD5
  
  4047a1a03be9df604f06fdb28647891d
- SHA1
  
  1b40243a8e6a025eef866f09b7b4361b70777494
- SHA256
  
  957ef05564cba68f526fe7d881b3957a933b14196205f2cf6d9e287c100ab85c
- SHA512
  
  4bae1b68abcfa4a91c27a9f01f1a9b06336dd0e28b8fa7d6dbbc50a2d5120e7467fec564966991945ac9b6dd91321bf49e9ba92794dbff55ea094177952b06fa
Score

10^/10

lokibot spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

lokibotspywarestealertrojan

behavioral2

lokibotspywarestealertrojan