lokibot

General

Target

506acdbf6f6334fb4b7519e45d60f3c90b115853fa4b76d0670bf20698f4c7c4.exe
Size

204KB
Sample

240926-bybcxszajj
MD5

aa2edba076823e2d67c52d3055a15e80
SHA1

f8ab944af1bf067fcd7f6806311ccd98374d98cd
SHA256

506acdbf6f6334fb4b7519e45d60f3c90b115853fa4b76d0670bf20698f4c7c4
SHA512

c47796be2af02e5a3196402bbc893eeda7474c6e4bb418cecc0ac23a30ccecf0422ed36c66caac1662776aaeb2e97aaeb9bf5799b9a46d2f6fab9f8382d06035
SSDEEP

3072:JvAqCj8Ebdnt7NQs5E8lToQGUWYpzyYTqWH8G+esk60AWQ8jp:9o88568qXUFpWI8G+060jQ8

Score

10^/10

Malware Config

Extracted

Family

lokibot

C2

https://dddotx.shop/Mine/PWS/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  506acdbf6f6334fb4b7519e45d60f3c90b115853fa4b76d0670bf20698f4c7c4.exe
- Size
  
  204KB
- MD5
  
  aa2edba076823e2d67c52d3055a15e80
- SHA1
  
  f8ab944af1bf067fcd7f6806311ccd98374d98cd
- SHA256
  
  506acdbf6f6334fb4b7519e45d60f3c90b115853fa4b76d0670bf20698f4c7c4
- SHA512
  
  c47796be2af02e5a3196402bbc893eeda7474c6e4bb418cecc0ac23a30ccecf0422ed36c66caac1662776aaeb2e97aaeb9bf5799b9a46d2f6fab9f8382d06035
- SSDEEP
  
  3072:JvAqCj8Ebdnt7NQs5E8lToQGUWYpzyYTqWH8G+esk60AWQ8jp:9o88568qXUFpWI8G+060jQ8
Score

10^/10

lokibot collection discovery spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Email Collection

1

T1114

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Accesses Microsoft Outlook profiles

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2