Overview

overview

10

Static

static

10f675a780...9c.exe

windows7_x64

10

10f675a780...9c.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    10f675a780a5814df0a79b673213a2ed2989816a517797df5656551b0819789c.exe

  • Size

    871KB

  • Sample

    210728-kwkwrwzj26

  • MD5

    52db97007f406b46ae0cc4b82ad882be

  • SHA1

    dc5fefda3c4c080ce976c6938cc9bb097ffded63

  • SHA256

    10f675a780a5814df0a79b673213a2ed2989816a517797df5656551b0819789c

  • SHA512

    dc23eb967f4b0961344ef99f294c1ee593271ee8c29cb7173258614f46994ed4c19dd7645943d9539b6de339082783904d5ad34217be95a2ab76cc60b2bfb67d

Score
10/10
lokibotpersistencespywarestealersuricatatrojan

Malware Config

Extracted

Family

lokibot

C2

http://ibmcloudstorage.ml/prof2/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      10f675a780a5814df0a79b673213a2ed2989816a517797df5656551b0819789c.exe

    • Size

      871KB

    • MD5

      52db97007f406b46ae0cc4b82ad882be

    • SHA1

      dc5fefda3c4c080ce976c6938cc9bb097ffded63

    • SHA256

      10f675a780a5814df0a79b673213a2ed2989816a517797df5656551b0819789c

    • SHA512

      dc23eb967f4b0961344ef99f294c1ee593271ee8c29cb7173258614f46994ed4c19dd7645943d9539b6de339082783904d5ad34217be95a2ab76cc60b2bfb67d

    Score
    10/10
    lokibotpersistencespywarestealersuricatatrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • suricata: ET MALWARE LokiBot Checkin

      suricata

    • suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)

      suricata

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks