General
-
Target
3e5c92dcc723708502c77b2a2ba497e53c4c151fb325874027fbfc157410dbfb
-
Size
238KB
-
Sample
220701-jh1a4sbgh8
-
MD5
dd380f560d0618e59964fd509c8362e1
-
SHA1
f9894290dac8dac2f57f550c3ec2257e252fd9e0
-
SHA256
3e5c92dcc723708502c77b2a2ba497e53c4c151fb325874027fbfc157410dbfb
-
SHA512
772ca9c1e1bf5fd7b4787ce7243defdc477a2eccbc43ff966db528c0f6f10299b7ec11607905dfe0781543ef62965968a09d5c5a375cdd9fce2969f208e3391d
Malware Config
Extracted
lokibot
http://pldtdsll.net/eatry57/teryu43/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
3e5c92dcc723708502c77b2a2ba497e53c4c151fb325874027fbfc157410dbfb
-
Size
238KB
-
MD5
dd380f560d0618e59964fd509c8362e1
-
SHA1
f9894290dac8dac2f57f550c3ec2257e252fd9e0
-
SHA256
3e5c92dcc723708502c77b2a2ba497e53c4c151fb325874027fbfc157410dbfb
-
SHA512
772ca9c1e1bf5fd7b4787ce7243defdc477a2eccbc43ff966db528c0f6f10299b7ec11607905dfe0781543ef62965968a09d5c5a375cdd9fce2969f208e3391d
Score10/10-
Lokibot
Lokibot is a Password and CryptoCoin Wallet Stealer.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-