lokibot

General

Target

Pasūtījums_(P.O40562)_ SIA_BLIK-M_Doc.zip
Size

169KB
Sample

241031-ph7m3swpe1
MD5

d449ba26eb15c71f6591bc2163dbff73
SHA1

2c04b65b3b5096c4cde0e7c1535e2359e5c5673e
SHA256

5095515c5cf5cf9508422ab85334e3c8ba5ec5130f9fb70e5bed2c1d07188b05
SHA512

10144dcb6cdaf7b074a18ea05fd817e074fe73e8994faac1a932e15eea0cb8cc4d3fc20f4edd92fde8f698f43ca2e247b5456b53e379ea528ece0a455531fd28
SSDEEP

3072:iLku3X5qjluUsM+cYbsRQf/ezTrGrw9IQSikIQXW7btXwvSJsRotUi:5gpIuUsMubsRQfsTC8Q27bWSJHUi

Score

10^/10

Malware Config

Extracted

Family

lokibot

C2

https://rottot.shop/Mx2/PWS/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  Pasūtījums_(P.O40562)_ SIA_BLIK-M_Doc.exe
- Size
  
  248KB
- MD5
  
  65c61495f06833712c96643031dd584d
- SHA1
  
  52525341aab927f3d4970fbdcdc485589e6d93ac
- SHA256
  
  f8cf37bf2574eb73e4b6f2cad642ffe7ea5d5994bf39bd0a609d38c606774e68
- SHA512
  
  d8a9db24496b03fe07320eee1fedfc6e995ecbaf966c0e02d6c709eab2595ea0709d819996352acaa02b6d9afcf5f812c146ab7ffb79e47904c812907584f204
- SSDEEP
  
  6144:hh5RgOg+U5wU0QkQJj/tTWGYIlbySJ8Tn:hvRgT0Mj/tiGrJ
Score

10^/10

lokibot collection discovery spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Lokibot family
  lokibot
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Email Collection

1

T1114

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lokibot family

Accesses Microsoft Outlook profiles

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2