lokibot | b3d68497094cb6caf6ecd1f10802f50bc9aed37bd92740959e8e953300c5297b | Triage

Submit
Reports

Overview

overview

Static

static

GEN_CMACGM...D0.exe

windows7_x64

GEN_CMACGM...D0.exe

windows10-2004_x64

Sharing

General

Target

b3d68497094cb6caf6ecd1f10802f50bc9aed37bd92740959e8e953300c5297b
Size

368KB
Sample

220521-mye7nacff2
MD5

4f72831bf40ce5b416419154e5964cb7
SHA1

2d3ba862c7fa65a16d21fb6c8e99b43ca8a072c4
SHA256

b3d68497094cb6caf6ecd1f10802f50bc9aed37bd92740959e8e953300c5297b
SHA512

5e210618be05fd1f3ac1a41f248f631232d4e84c9ea39a1da7368181d2ccedf7d1b28454372877a53dd70eff8106d032ff5cd96b79a5596e98c31113e976dab4

Score

10^/10

lokibot collection spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

GEN_CMACGM_GeneralExportNotice_CMACGMSAMSON_0PG7JE1MA-AC355A066FA10892E0530A00876036D0.exe

Resource

win7-20220414-en

lokibot collection spyware stealer trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

GEN_CMACGM_GeneralExportNotice_CMACGMSAMSON_0PG7JE1MA-AC355A066FA10892E0530A00876036D0.exe

Resource

win10v2004-20220414-en

lokibot collection spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  GEN_CMACGM_GeneralExportNotice_CMACGMSAMSON_0PG7JE1MA-AC355A066FA10892E0530A00876036D0.exe
- Size
  
  665KB
- MD5
  
  4a8da1418107c35e66a2f989efcb8840
- SHA1
  
  43fd42e02a37ed5f59baa0d37ee58c15aaa9c34f
- SHA256
  
  895ac50f2f6679f346ecb8d1a8c479da958b43a219245c2f7953c08d5835e5f9
- SHA512
  
  6ba15dd13f82e5e68b519c74374357f3ce7628c063df6c1a00bf5bf1ffc1e0efc2a372a7edddb5828d6fc6e65bc3b93433f95cd2a266a7b080c2d1902a85d440
Score

10^/10

lokibot collection spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

lokibotcollectionspywarestealertrojan

behavioral2

lokibotcollectionspywarestealertrojan

© 2018-2024

Terms | Privacy