lokibot

General

Target

0c32ffa8a2b91fe822e28dea19b2f2cd1f10c4821a8d28cf1ee298dd401da405
Size

325KB
Sample

230208-25p3rshh6t
MD5

2c2a9dcfa9fbb8ed1c44a11e19afbb58
SHA1

f7f279f9a9af32795e996b015740508385c20182
SHA256

0c32ffa8a2b91fe822e28dea19b2f2cd1f10c4821a8d28cf1ee298dd401da405
SHA512

329921636a9d8f44308c4778aafa07cae43304a0f781af8de767435becd0c92636bea4f3420d71b3e7ec28d60ab188ce36d44628e04c68f1e45a42342b54b8db
SSDEEP

3072:yIdE3CLen81R/9fLRmNpHfg3rbUVm/HiPFXFnyuVpSHAsm0+L4Oi/XcLY7VNr/UT:WyL31R/cp/g3rgjFLplsm0+MOKXpLUT

Score

10^/10

Malware Config

Extracted

Family

lokibot

C2

http://171.22.30.164/kung/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  0c32ffa8a2b91fe822e28dea19b2f2cd1f10c4821a8d28cf1ee298dd401da405
- Size
  
  325KB
- MD5
  
  2c2a9dcfa9fbb8ed1c44a11e19afbb58
- SHA1
  
  f7f279f9a9af32795e996b015740508385c20182
- SHA256
  
  0c32ffa8a2b91fe822e28dea19b2f2cd1f10c4821a8d28cf1ee298dd401da405
- SHA512
  
  329921636a9d8f44308c4778aafa07cae43304a0f781af8de767435becd0c92636bea4f3420d71b3e7ec28d60ab188ce36d44628e04c68f1e45a42342b54b8db
- SSDEEP
  
  3072:yIdE3CLen81R/9fLRmNpHfg3rbUVm/HiPFXFnyuVpSHAsm0+L4Oi/XcLY7VNr/UT:WyL31R/cp/g3rgjFLplsm0+MOKXpLUT
Score

10^/10

lokibot collection spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses Microsoft Outlook profiles
  collection
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

1

T1081

Discovery

Lateral Movement

Collection

Data from Local System

Email Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Reads user/profile data of web browsers

Accesses Microsoft Outlook profiles

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2