lokibot

General

Target

z1sipariiPO46338032SeydiehirAlminyum.iso
Size

226KB
Sample

240926-h5fdsaxcld
MD5

b322a5cd7c340d8a026213bf5ea181cf
SHA1

f26a08d468cb748aa8b8cfaaaf620875d0de8ee8
SHA256

ce366d40b0bf18fe9f629579f9db398441de22b3822d2db1b8d9b7f9a96b1583
SHA512

3c1155fadd4044ec62b046156f354e842b50d3d2c0440c02eb4f8d8b777c23bbd70a7cf0818f85834a93bd9c6fa8bd1bb8d0b1c5a0a424affefeea5f4e28737f
SSDEEP

3072:pgX3OY/NPH8Aq+XdOeuohMvEuf555vyWd+9MtGGE0vWGNF7owCCx7/WgafCzg:vOLOAhLuhvyi6GTb8wCC5/Wgb

Score

10^/10

Malware Config

Extracted

Family

lokibot

C2

https://dddotx.shop/Mine/PWS/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  siparişi_(PO_46338032)_Seydişehir Alüminyum.exe
- Size
  
  164KB
- MD5
  
  ed9fe2c20a68172921c064d0d9886b7b
- SHA1
  
  d892be8018cbc88b8cdd0db2338f643448630757
- SHA256
  
  bfcc16e302514e80fdc77675291f1bdb32796e7b77274f7596049938d0652347
- SHA512
  
  8fdaaedc9585e72ebfdb8ba85e79f52614d9b3626327ac882cc4a2f108ed71335e013b173a628cd83135f8806644f9af4ac1f7026a4a0ae71f12057534269160
- SSDEEP
  
  3072:OgX3OY/NPH8Aq+XdOeuohMvEuf555vyWd+9MtGGE0vWGNF7owCCx7/WgafCzg:WOLOAhLuhvyi6GTb8wCC5/Wgb
Score

10^/10

lokibot collection discovery spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Email Collection

1

T1114

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Accesses Microsoft Outlook profiles

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2