Overview

overview

10

Static

static

3

8a76574c97...cN.exe

windows7-x64

10

8a76574c97...cN.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8a76574c9702b7c064ddb4f22f85d5795012189339bdeaf42151dedd300033dcN.exe

  • Size

    496KB

  • Sample

    250204-zs9kjaskcw

  • MD5

    02ede2996d8518134c22849870ed8c50

  • SHA1

    357b7d88838da944358695fd39cbe3632ec00ff3

  • SHA256

    8a76574c9702b7c064ddb4f22f85d5795012189339bdeaf42151dedd300033dc

  • SHA512

    549bfe6208d0cec5b5d92de0238b23b0751cc85f7d4c86e8327d0ec2b730da8d74cc50db17427f786550289f09f94f757a8df3f1ba43a2a7baca894f2b2982b0

  • SSDEEP

    12288:w3vNGY2Ow4Fuya1ghBEbbwjT10DdiB7Sgi1XyIu:YcSw+UgXYbC1Oda7Sn

Score
10/10
lokibotcollectiondiscoveryspywarestealertrojan

Malware Config

Extracted

Family

lokibot

C2

http://198.187.30.47/p.php?id=21645050038542306

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

    • Target

      8a76574c9702b7c064ddb4f22f85d5795012189339bdeaf42151dedd300033dcN.exe

    • Size

      496KB

    • MD5

      02ede2996d8518134c22849870ed8c50

    • SHA1

      357b7d88838da944358695fd39cbe3632ec00ff3

    • SHA256

      8a76574c9702b7c064ddb4f22f85d5795012189339bdeaf42151dedd300033dc

    • SHA512

      549bfe6208d0cec5b5d92de0238b23b0751cc85f7d4c86e8327d0ec2b730da8d74cc50db17427f786550289f09f94f757a8df3f1ba43a2a7baca894f2b2982b0

    • SSDEEP

      12288:w3vNGY2Ow4Fuya1ghBEbbwjT10DdiB7Sgi1XyIu:YcSw+UgXYbC1Oda7Sn

    Score
    10/10
    lokibotcollectiondiscoveryspywarestealertrojan

    • Lokibot

      Lokibot is a Password and CryptoCoin Wallet Stealer.

      trojanspywarestealerlokibot

    • Lokibot family

      lokibot

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Accesses Microsoft Outlook profiles

      collection

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks