lokibot | d78d85bfb1d5f164701a9f8f74eff5d45ceb0e2b8a712f4883ab3747d78badf6 | Triage

Submit
Reports

Overview

overview

Static

static

contract Y...-1.exe

windows7_x64

Sharing

General

Target

d78d85bfb1d5f164701a9f8f74eff5d45ceb0e2b8a712f4883ab3747d78badf6
Size

472KB
Sample

210728-f4ntn8xzp2
MD5

7bcd44891633650802028e7cd21cf7a5
SHA1

f1bd871859650ac027495db14056b71c9997d14b
SHA256

d78d85bfb1d5f164701a9f8f74eff5d45ceb0e2b8a712f4883ab3747d78badf6
SHA512

6df2cca5ffd6b5da88fd8a69479c8895025b865d8f26b4f161135fefeed3d7057a6a53a4e800ee360bf33ba06ce60138473a889096b19601feafd8f9c4b8f45c

Score

10^/10

lokibot spyware stealer suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

contract YF8536851-1.exe

Resource

win7v20210410

lokibot spyware stealer suricata trojan

windows7_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

lokibot

C2

http://abixmaly.duckdns.org/binge/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  contract YF8536851-1.exe
- Size
  
  628KB
- MD5
  
  a43a5c69b4fc6c45bbf4c75ee8b3869b
- SHA1
  
  6d6dd739f8b5c24fc98930dc59809893dcd64070
- SHA256
  
  235413e22a54a09ad31fae8f8a22a0cf4a443115cbb5dd9fe85a9a563ac1ebc3
- SHA512
  
  c012f843c33a8240d8e9c6ba9a2e2aaa173c4a856e0ff72b5c219a5d11b90eb9e6f6883e9d53b74b8bdc9c7419bd8be380d962458a84bd8aab90d4d04a449e5f
Score

10^/10

lokibot spyware stealer suricata trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- suricata: ET MALWARE LokiBot Checkin
  suricata
- suricata: ET MALWARE LokiBot Fake 404 Response
  suricata
- suricata: ET MALWARE LokiBot Request for C2 Commands Detected M1
  suricata
- suricata: ET MALWARE LokiBot Request for C2 Commands Detected M2
  suricata
- suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)
  suricata
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lokibotspywarestealersuricatatrojan

© 2018-2024

Terms | Privacy