lokibot | 0b2ae98dbbc89e15b3d0864559fede5bf9a7c96e80476499c24bf396a5fd27f3 | Triage

Sharing

General

Target

0b2ae98dbbc89e15b3d0864559fede5bf9a7c96e80476499c24bf396a5fd27f3.exe
Size

654KB
Sample

210115-m1p1g5ed4x
MD5

4401d62f459d17975cb9cf5b379cea96
SHA1

d02cf59cdd52a6d922c0f2a6dae333a97c6687a9
SHA256

0b2ae98dbbc89e15b3d0864559fede5bf9a7c96e80476499c24bf396a5fd27f3
SHA512

beac402156ea23077bcc8e105fd3706b3e6e561e0d3a39e567c111446fcee3657e7ae6ed339c4bcf238f0d4bb401e8a8afbd00377762efea8c1ab63bd634a14f

Score

10^/10

lokibot spyware stealer trojan

Malware Config

Extracted

Family

lokibot

C2

http://lmpulsefashion.net/chief/kev/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  0b2ae98dbbc89e15b3d0864559fede5bf9a7c96e80476499c24bf396a5fd27f3.exe
- Size
  
  654KB
- MD5
  
  4401d62f459d17975cb9cf5b379cea96
- SHA1
  
  d02cf59cdd52a6d922c0f2a6dae333a97c6687a9
- SHA256
  
  0b2ae98dbbc89e15b3d0864559fede5bf9a7c96e80476499c24bf396a5fd27f3
- SHA512
  
  beac402156ea23077bcc8e105fd3706b3e6e561e0d3a39e567c111446fcee3657e7ae6ed339c4bcf238f0d4bb401e8a8afbd00377762efea8c1ab63bd634a14f
Score

10^/10

lokibot spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

lokibotspywarestealertrojan

behavioral2

lokibotspywarestealertrojan