Overview

overview

10

Static

static

3

c049ffcacd...97.exe

windows7-x64

10

c049ffcacd...97.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6cc0abc5f4e343708dc4ad0073784da3.bin

  • Size

    273KB

  • Sample

    241212-btws3aznbq

  • MD5

    99b80aece69f53fd6e14d9075bd53a5d

  • SHA1

    1a366becbc7c05105959975bb49a2cd5121120fa

  • SHA256

    69a6553ff3b148b34d0e8da752de47afd8bdf00ccb5be6d19bb87ec83c541257

  • SHA512

    3f25be90f4049377d1036dd00149a4912be50f4e18391874b24fa2d1144d64ac9605d03b5a431342149465e435bb9f087fb67f99df3aebb537ed9926e47ecdae

  • SSDEEP

    6144:6N9K1Ex89VxFpC7CXJBAffP13p8+f+jga:6No1v9VtCGXJmfP13pnuga

Score
10/10
lokibotcollectiondiscoveryspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

https://www.stipamana.com/jedrshyyjdft/Panel/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      c049ffcacd139b734c807013fefa36e6730077930d3736f342aaddc3fe144497.exe

    • Size

      305KB

    • MD5

      6cc0abc5f4e343708dc4ad0073784da3

    • SHA1

      a2c0274575fb089bb76f34bf0b52e9f84f0c0a3a

    • SHA256

      c049ffcacd139b734c807013fefa36e6730077930d3736f342aaddc3fe144497

    • SHA512

      61703c2283b321f30d47e6e2319d8372abd3d6eb980a27ca08d70946b7053f904d2adbc8c71ea3e36c8e6a29d110939f71289e437d936db757a53819576ca310

    • SSDEEP

      6144:VkbCBC44YUk+XfYQqlUv5uUmLRuXr1/dIU8A8OvCCuwiVj7tjYd:fBCpBGUhuHROr1186vCCuwiVj7tjY

    Score
    10/10
    lokibotcollectiondiscoveryspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Lokibot family

      lokibot

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks