lokibot | d166782041b83a802f468568d107b40bd8282c4a3776f560d722e2e90d1c12d6 | Triage

Sharing

General

Target

d166782041b83a802f468568d107b40bd8282c4a3776f560d722e2e90d1c12d6.exe
Size

734KB
Sample

210115-bxy15y7nx6
MD5

bec0173b84f767b9d1ae188dc34aa76f
SHA1

3f1a2c7cef32409db461a2a4e74a396f7ff09357
SHA256

d166782041b83a802f468568d107b40bd8282c4a3776f560d722e2e90d1c12d6
SHA512

d53dea258da6a80af1bee8aaab18b40677360b104d2358e6542f18e8125430b395f4c066f09b86260ce1562a8fff5142d8511c2ed5ed5bb8e5d47a014998dd56

Score

10^/10

lokibot spyware stealer trojan

Malware Config

Extracted

Family

lokibot

C2

http://becharnise.ir/fox/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  d166782041b83a802f468568d107b40bd8282c4a3776f560d722e2e90d1c12d6.exe
- Size
  
  734KB
- MD5
  
  bec0173b84f767b9d1ae188dc34aa76f
- SHA1
  
  3f1a2c7cef32409db461a2a4e74a396f7ff09357
- SHA256
  
  d166782041b83a802f468568d107b40bd8282c4a3776f560d722e2e90d1c12d6
- SHA512
  
  d53dea258da6a80af1bee8aaab18b40677360b104d2358e6542f18e8125430b395f4c066f09b86260ce1562a8fff5142d8511c2ed5ed5bb8e5d47a014998dd56
Score

10^/10

lokibot spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

lokibotspywarestealertrojan

behavioral2

lokibotspywarestealertrojan