Overview

overview

10

Static

static

dridex

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3be414f054546d9a5ce2e5a9470cccbc19a3f4751553e3b083f0c497151fe130

  • Size

    665KB

  • Sample

    211025-axgymsgdap

  • MD5

    0a05406ccbc442244398e953b278603e

  • SHA1

    0d4d3c1dd6901ac2044f352d175d0f871ee4688c

  • SHA256

    3be414f054546d9a5ce2e5a9470cccbc19a3f4751553e3b083f0c497151fe130

  • SHA512

    458d46ae79df62f7ba8b89dbe26be3c9e599ffff2e20e80215e8734afe81658e61884c25bb340c733114666f898f54e04959f12f0c0d896410497e71e7932bd1

Score
10/10
lokibotcollectionspywarestealersuricatatrojan

Malware Config

Extracted

Family

lokibot

C2

http://secure01-redirect.net/fd3/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      3be414f054546d9a5ce2e5a9470cccbc19a3f4751553e3b083f0c497151fe130

    • Size

      665KB

    • MD5

      0a05406ccbc442244398e953b278603e

    • SHA1

      0d4d3c1dd6901ac2044f352d175d0f871ee4688c

    • SHA256

      3be414f054546d9a5ce2e5a9470cccbc19a3f4751553e3b083f0c497151fe130

    • SHA512

      458d46ae79df62f7ba8b89dbe26be3c9e599ffff2e20e80215e8734afe81658e61884c25bb340c733114666f898f54e04959f12f0c0d896410497e71e7932bd1

    Score
    10/10
    lokibotcollectionspywarestealersuricatatrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • suricata: ET MALWARE LokiBot Checkin

      suricata: ET MALWARE LokiBot Checkin

      suricata

    • suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)

      suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)

      suricata

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks