lokibot | 983510df5d225cfe14e5d5a8a1f5991c8879de5ae0dcdda84f80f7107094e635 | Triage

Submit
Reports

Overview

overview

Static

static

dridex

windows10-2004_x64

Sharing

General

Target

983510df5d225cfe14e5d5a8a1f5991c8879de5ae0dcdda84f80f7107094e635
Size

205KB
Sample

220707-v96srafbh7
MD5

7522cabf14151d09bdf4a77654f34d7d
SHA1

67339934cc8096ea6c4603a3c2a4bf4db0b58069
SHA256

983510df5d225cfe14e5d5a8a1f5991c8879de5ae0dcdda84f80f7107094e635
SHA512

f2a2452118012594142b8cc684c3a160ace2215e24270f00d7b8a6d60765dc4536745d16dde1ef13350e03e849f8628e5ac624d8eea7c5732eebb901638e7d69

Score

10^/10

lokibot spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

983510df5d225cfe14e5d5a8a1f5991c8879de5ae0dcdda84f80f7107094e635.exe

Resource

win10v2004-20220414-en

lokibot spyware stealer trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

lokibot

C2

http://45.133.1.20/health12/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  983510df5d225cfe14e5d5a8a1f5991c8879de5ae0dcdda84f80f7107094e635
- Size
  
  205KB
- MD5
  
  7522cabf14151d09bdf4a77654f34d7d
- SHA1
  
  67339934cc8096ea6c4603a3c2a4bf4db0b58069
- SHA256
  
  983510df5d225cfe14e5d5a8a1f5991c8879de5ae0dcdda84f80f7107094e635
- SHA512
  
  f2a2452118012594142b8cc684c3a160ace2215e24270f00d7b8a6d60765dc4536745d16dde1ef13350e03e849f8628e5ac624d8eea7c5732eebb901638e7d69
Score

10^/10

lokibot spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

lokibotspywarestealertrojan

© 2018-2024

Terms | Privacy