General
-
Target
27035df4b07f71e6038a75fe424d6abfe8556bae5e4a2fb745de63b9ae3e9508.exe
-
Size
284KB
-
Sample
241123-xbrx2szqaz
-
MD5
d2a6ee389948528b2be8ecc43bc8d592
-
SHA1
13d4e2097cf03e2d698e2478f1f2bd40dcac20ca
-
SHA256
27035df4b07f71e6038a75fe424d6abfe8556bae5e4a2fb745de63b9ae3e9508
-
SHA512
3e73167a3473e8adca703d7d4c8372bb9beb7cdc25a89380e3d3f75e50bc3b76bf20eb68a24cb9ef5772f7f5c4007cbd5bd21ebf137e3bd13b5a0163ef51c44e
-
SSDEEP
6144:tn0rrQny760ttSGlvM5KvoDYlDpRkEH0t3vRis2fS:t0HANkUwvW+Rk2S3vRi6
Malware Config
Extracted
lokibot
http://secure01-redirect.net/ga13/fre.php
http://kbfvzoboss.bid/alien/fre.php
http://alphastand.trade/alien/fre.php
http://alphastand.win/alien/fre.php
http://alphastand.top/alien/fre.php
Targets
-
-
Target
27035df4b07f71e6038a75fe424d6abfe8556bae5e4a2fb745de63b9ae3e9508.exe
-
Size
284KB
-
MD5
d2a6ee389948528b2be8ecc43bc8d592
-
SHA1
13d4e2097cf03e2d698e2478f1f2bd40dcac20ca
-
SHA256
27035df4b07f71e6038a75fe424d6abfe8556bae5e4a2fb745de63b9ae3e9508
-
SHA512
3e73167a3473e8adca703d7d4c8372bb9beb7cdc25a89380e3d3f75e50bc3b76bf20eb68a24cb9ef5772f7f5c4007cbd5bd21ebf137e3bd13b5a0163ef51c44e
-
SSDEEP
6144:tn0rrQny760ttSGlvM5KvoDYlDpRkEH0t3vRis2fS:t0HANkUwvW+Rk2S3vRi6
Score10/10-
Lokibot
Lokibot is a Password and CryptoCoin Wallet Stealer.
-
Lokibot family
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-
Accesses Microsoft Outlook profiles
-