lokibot

General

Target

f7fb72bfbdd97c744a53a1120d809a42e67f46df190b2c1782e5ad3fad02961b.exe
Size

489KB
Sample

210726-121ck6q57s
MD5

87883ff93fe5d6babe32be6a26b34303
SHA1

7c2037b7d145abb8d7f12c3aa12f8449f2ae417a
SHA256

f7fb72bfbdd97c744a53a1120d809a42e67f46df190b2c1782e5ad3fad02961b
SHA512

48a95ee25146591f4c65d04b6d5b5525a5f732c2b968881cf4d9f84568f25ed4d7a708c2255d3deb74bfa18ed6ce47090341053e3bef91384b149787af761d85

Score

10^/10

Malware Config

Extracted

Family

lokibot

C2

http://209.141.34.39/shz/pin.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  f7fb72bfbdd97c744a53a1120d809a42e67f46df190b2c1782e5ad3fad02961b.exe
- Size
  
  489KB
- MD5
  
  87883ff93fe5d6babe32be6a26b34303
- SHA1
  
  7c2037b7d145abb8d7f12c3aa12f8449f2ae417a
- SHA256
  
  f7fb72bfbdd97c744a53a1120d809a42e67f46df190b2c1782e5ad3fad02961b
- SHA512
  
  48a95ee25146591f4c65d04b6d5b5525a5f732c2b968881cf4d9f84568f25ed4d7a708c2255d3deb74bfa18ed6ce47090341053e3bef91384b149787af761d85
Score

10^/10

lokibot persistence spyware stealer suricata trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- suricata: ET MALWARE LokiBot Checkin
  suricata
- suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)
  suricata
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE LokiBot Checkin

suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)

Adds Run key to start application

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2