Description
Lokibot is a Password and CryptoCoin Wallet Stealer.
tmp
178KB
220514-ryn7saace9
fefc2d8ef05916189407d8917c61ba13
92aa5269b897b91a220dbb70ac54c27807486fa4
9b7c9b230e6ebdb3a92ef55e153d76a3186555560cb26be387604f02b214050e
8fbdbf89952336775113e26a05c7752440737a95573a66c2273ed5b3b74f5851cd2bb6f41e54e0f5e778f4fa87a13a9fab1dc852f3c6aa8908715687df03651a
Family | lokibot |
C2 |
http://hyatqfuh9olahvxf.gq/BN3/fre.php http://kbfvzoboss.bid/alien/fre.php http://alphastand.trade/alien/fre.php http://alphastand.win/alien/fre.php http://alphastand.top/alien/fre.php |
tmp
fefc2d8ef05916189407d8917c61ba13
178KB
92aa5269b897b91a220dbb70ac54c27807486fa4
9b7c9b230e6ebdb3a92ef55e153d76a3186555560cb26be387604f02b214050e
8fbdbf89952336775113e26a05c7752440737a95573a66c2273ed5b3b74f5851cd2bb6f41e54e0f5e778f4fa87a13a9fab1dc852f3c6aa8908715687df03651a
Lokibot is a Password and CryptoCoin Wallet Stealer.
suricata: ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1
suricata: ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M2
suricata: ET MALWARE LokiBot Checkin
suricata: ET MALWARE LokiBot Fake 404 Response
suricata: ET MALWARE LokiBot Request for C2 Commands Detected M1
suricata: ET MALWARE LokiBot Request for C2 Commands Detected M2
suricata: ET MALWARE LokiBot User-Agent (Charon/Inferno)
Infostealers often target stored browser data, which can include saved credentials etc.