lokibot | 39935c5f3c8d5324f887139323bb4c2f5ed2cfa34465ae8911a7671a98a2a4e3 | Triage

Submit
Reports

Overview

overview

Static

static

5

MV MAXIMOS.exe

windows10-2004-x64

Sharing

General

Target

MV MAXIMOS.arj
Size

596KB
Sample

240617-h8f5gszeqd
MD5

cb55feb35033ba9b83c06c7064b1851c
SHA1

09e63a052828a96c383c0839bb086ffd198adee8
SHA256

39935c5f3c8d5324f887139323bb4c2f5ed2cfa34465ae8911a7671a98a2a4e3
SHA512

201e4c0f8b08fa39d64fef94da0e00d09eeecf28e9535598d07a46412ce861f56df8d71045e7848ef91d4cc7a29e0696b8de63c9e9b4a860e3c0484fb23fdcd2
SSDEEP

12288:sOl1J9Ev65D8Rn/iHLaiP1574qXY7XKsxl+HhGwD+uGO8qc8o0zHeP:swJ9qMDs/eai94jKsxMDXGOpo0zHeP

Score

10^/10

lokibot collection spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

MV MAXIMOS.exe

Resource

win10v2004-20240611-en

lokibot collection spyware stealer trojan

windows10-2004-x64

10 signatures

300 seconds

Malware Config

Extracted

Family

lokibot

C2

https://edgewell.cam/DV2/PWS/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  MV MAXIMOS.exe
- Size
  
  1019KB
- MD5
  
  226b8639be6c47d8d5fe9c7d02109dde
- SHA1
  
  c21ffbc8d875dc8d16bb285dda681cae34366399
- SHA256
  
  2b67f7ccd305e220d5cb85f7ab38b53ca407a0098e6a15ea037269a0d48e5821
- SHA512
  
  231253279cf623475c1a31ce7eaf83ad936935bb9bf7446672287d8e60236acfb6c9542c2c1811bd19c8754a002ca4896c81075cbc5b60f1a99b65750a793627
- SSDEEP
  
  24576:8AHnh+eWsN3skA4RV1Hom2KXMmHakx2o0zJuz5:bh+ZkldoPK8YakgJK
Score

10^/10

lokibot collection spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

lokibotcollectionspywarestealertrojan

© 2018-2025

Terms | Privacy