Overview

overview

10

Static

static

3

cryptolaemus

windows10-2004-x64

10

cryptolaemus

windows11-21h2-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f9bd56989f51b598194cd551db59c95883628267a3f5ca8b87c0ad69fa7a3471

  • Size

    822KB

  • Sample

    240501-jp8wtsdb89

  • MD5

    6dc6f63b7b1a593e209d062c877a488f

  • SHA1

    ff16670fc7957da27fb31f96ae17469a5125b720

  • SHA256

    f9bd56989f51b598194cd551db59c95883628267a3f5ca8b87c0ad69fa7a3471

  • SHA512

    df276f80da629c7ab78c1e913c88dc916a5564373dcf51961e4427e386612a5137ff2edbe97814dc8a4fe1499359e3779fdb46a309f7687208cae995a1f57327

  • SSDEEP

    12288:jwglEe171o1+1k155scBRTWgwxPzsohPGLCPnXFzcoUd523GY7jVtC32LhYcdc45:WnNutGuPnX5c7d52WY/V4kc4/

Score
10/10
lokibotcollectionspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://ebnsina.top/evie1/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      f9bd56989f51b598194cd551db59c95883628267a3f5ca8b87c0ad69fa7a3471

    • Size

      822KB

    • MD5

      6dc6f63b7b1a593e209d062c877a488f

    • SHA1

      ff16670fc7957da27fb31f96ae17469a5125b720

    • SHA256

      f9bd56989f51b598194cd551db59c95883628267a3f5ca8b87c0ad69fa7a3471

    • SHA512

      df276f80da629c7ab78c1e913c88dc916a5564373dcf51961e4427e386612a5137ff2edbe97814dc8a4fe1499359e3779fdb46a309f7687208cae995a1f57327

    • SSDEEP

      12288:jwglEe171o1+1k155scBRTWgwxPzsohPGLCPnXFzcoUd523GY7jVtC32LhYcdc45:WnNutGuPnX5c7d52WY/V4kc4/

    Score
    10/10
    lokibotspywarestealertrojancollection

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks