lokibot

General

Target

7f04a1d1824b3ec895b377a60c065145.exe
Size

999KB
Sample

250103-e78xbszkf1
MD5

7f04a1d1824b3ec895b377a60c065145
SHA1

f89bf4fea5f1be66fd69d14dadc88e7f4ea24606
SHA256

d360ff97054b8da398a04cc947ba71f00e6f04ad83163abc9c13a5eaf9d7bd83
SHA512

67c7d7ffbdc0686af39888c08a303ab03ea60630308b1a8b3fc4badcd14f9f9438e48b42da050c5fd461b7564cfb094ba41d9d80b2cabddb9c2e0687a525e1dd
SSDEEP

12288:Htb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNDPPpHrYP72RGghXgLxH4oJ:Htb20pkaCqT5TBWgNjVYD2QN/J

Score

10^/10

Malware Config

Extracted

Family

lokibot

C2

http://94.156.177.41/alpha/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  7f04a1d1824b3ec895b377a60c065145.exe
- Size
  
  999KB
- MD5
  
  7f04a1d1824b3ec895b377a60c065145
- SHA1
  
  f89bf4fea5f1be66fd69d14dadc88e7f4ea24606
- SHA256
  
  d360ff97054b8da398a04cc947ba71f00e6f04ad83163abc9c13a5eaf9d7bd83
- SHA512
  
  67c7d7ffbdc0686af39888c08a303ab03ea60630308b1a8b3fc4badcd14f9f9438e48b42da050c5fd461b7564cfb094ba41d9d80b2cabddb9c2e0687a525e1dd
- SSDEEP
  
  12288:Htb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNDPPpHrYP72RGghXgLxH4oJ:Htb20pkaCqT5TBWgNjVYD2QN/J
Score

10^/10

lokibot collection discovery spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Lokibot family
  lokibot
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Email Collection

1

T1114

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lokibot family

Accesses Microsoft Outlook profiles

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2