Overview

overview

10

Static

static

3

0392453270...8f.exe

windows7-x64

10

0392453270...8f.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0392453270a71b5a7a29b8c8d415978f

  • Size

    871KB

  • Sample

    231225-d9x26sbfhk

  • MD5

    0392453270a71b5a7a29b8c8d415978f

  • SHA1

    37869819f38607bb0f2a30f05573dfed03136d62

  • SHA256

    f70bb08ecbd6548a7a3a52a0a2a151e87af472b185dd1adaa718a87a340e777b

  • SHA512

    de18b7c5379d46523e77288a7ac4f0b02f3f343657bec79c7741c3a5f32d350c57821d9c2aabdadbf26c2b74e2cdcefc2e75026d3099b94a4d14ba8580c5e1b2

  • SSDEEP

    24576:UTc8iS/d3YK64J1CiqlytXgB/Npsu+gio4:O8K64JAibt2arg5

Score
10/10
lokibotcollectionspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://manvim.co/fd14/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      0392453270a71b5a7a29b8c8d415978f

    • Size

      871KB

    • MD5

      0392453270a71b5a7a29b8c8d415978f

    • SHA1

      37869819f38607bb0f2a30f05573dfed03136d62

    • SHA256

      f70bb08ecbd6548a7a3a52a0a2a151e87af472b185dd1adaa718a87a340e777b

    • SHA512

      de18b7c5379d46523e77288a7ac4f0b02f3f343657bec79c7741c3a5f32d350c57821d9c2aabdadbf26c2b74e2cdcefc2e75026d3099b94a4d14ba8580c5e1b2

    • SSDEEP

      24576:UTc8iS/d3YK64J1CiqlytXgB/Npsu+gio4:O8K64JAibt2arg5

    Score
    10/10
    lokibotcollectionspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • CustAttr .NET packer

      Detects CustAttr .NET packer in memory.

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks