lokibot | fa27c16596dc5c39fafe2a14e459db8ae0bae2be3d5222d6df7331215c04efaf | Triage

Sharing

General

Target

SecuriteInfo.com.Trojan.Packed2.42809.8376.6237
Size

881KB
Sample

210122-e3p5e9zn1n
MD5

209a9397bb6c68626ff785164388a65d
SHA1

a3d1b6a707b971638ff56f7470daecdf7b93a346
SHA256

fa27c16596dc5c39fafe2a14e459db8ae0bae2be3d5222d6df7331215c04efaf
SHA512

2186aa67a1eb8a295622b8aaa00938bba387304f8662dd91a1c0d6c2b738fb6533b4613d461b1e0bab2b63375c7739dc8439338339c6f89c7ff07a1667b87aa6

Score

10^/10

lokibot spyware stealer trojan

Malware Config

Extracted

Family

lokibot

C2

http://zunlen.com/chief/jojo/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  SecuriteInfo.com.Trojan.Packed2.42809.8376.6237
- Size
  
  881KB
- MD5
  
  209a9397bb6c68626ff785164388a65d
- SHA1
  
  a3d1b6a707b971638ff56f7470daecdf7b93a346
- SHA256
  
  fa27c16596dc5c39fafe2a14e459db8ae0bae2be3d5222d6df7331215c04efaf
- SHA512
  
  2186aa67a1eb8a295622b8aaa00938bba387304f8662dd91a1c0d6c2b738fb6533b4613d461b1e0bab2b63375c7739dc8439338339c6f89c7ff07a1667b87aa6
Score

10^/10

lokibot spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

lokibotspywarestealertrojan

behavioral2

lokibotspywarestealertrojan