General
-
Target
20f11dab91e6b84014dec6e2f539e345a2a4662cb9a85763696e0170aeda12e1
-
Size
435KB
-
Sample
220612-l6wc6scga7
-
MD5
ac7cfc5070d1c40fa65498cb9909f61b
-
SHA1
7dac1426ad9e0fb08b89dba7667e7d1477533834
-
SHA256
20f11dab91e6b84014dec6e2f539e345a2a4662cb9a85763696e0170aeda12e1
-
SHA512
a82d65ac39acecc819a58590979ead1b2f5c85bc81eba438f9e678391b2eed4e66da5e443462fdb26d2c5bbbe37bf712aceeed356d7eb75ec19900721341c65a
Malware Config
Extracted
lokibot
http://redsseammgt.com/loki5/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
20f11dab91e6b84014dec6e2f539e345a2a4662cb9a85763696e0170aeda12e1
-
Size
435KB
-
MD5
ac7cfc5070d1c40fa65498cb9909f61b
-
SHA1
7dac1426ad9e0fb08b89dba7667e7d1477533834
-
SHA256
20f11dab91e6b84014dec6e2f539e345a2a4662cb9a85763696e0170aeda12e1
-
SHA512
a82d65ac39acecc819a58590979ead1b2f5c85bc81eba438f9e678391b2eed4e66da5e443462fdb26d2c5bbbe37bf712aceeed356d7eb75ec19900721341c65a
Score10/10-
Lokibot
Lokibot is a Password and CryptoCoin Wallet Stealer.
-
Accesses Microsoft Outlook profiles
-
Suspicious use of SetThreadContext
-