lokibot

General

Target

6b8fc52d6152dcf9e0a970f4d812b6adeaf8727185aecd685ec731ac94a8dd9b.zip
Size

528KB
Sample

250221-dsxebatms7
MD5

0fe8befa81233370e0164da9d34dae07
SHA1

51bfdcb00cc1736bbcdcc26f24df6748fe7faba7
SHA256

6b8fc52d6152dcf9e0a970f4d812b6adeaf8727185aecd685ec731ac94a8dd9b
SHA512

f5ce965645df988e846f39ae782c2c90246b6abcd3b8fe070b7168039bac9dcf403bd305a560b2d855233be15ed470a99966a3eaa0be9fb18ba64db8e1768509
SSDEEP

12288:w9zt1Hq9FXOjVlMaF8mNBPvHzMj3X+VtJryDL5:gHEWmaxNZP6naE5

Score

10^/10

Malware Config

Extracted

Family

lokibot

C2

http://touxzw.ir/sccc/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  vsf098633534.exe
- Size
  
  945KB
- MD5
  
  cb68430ac5f87fddaf2af8477b82308c
- SHA1
  
  4b86f7f627f7bb989fc02e76dfe687c7d0d5ca91
- SHA256
  
  5eb39af58bc99962a6439d873bda78086903301b0476ef79daf3802220fdf382
- SHA512
  
  0c561291305ef66ee82712dad69d7e3c29eec29937990838bde6938e6db2802d6c8f93c9d54ca2beb22aba6a72dcd894b1dceff40b1593ed52ae5455d7efaafe
- SSDEEP
  
  12288:5u6JWgXT7rKfXNeKgOIc0nAWY/ySWHDVz/Vovh7V1C0NnCGso9fgBDYgaYT8JryW:5u6J33O0c+JY5UZ+XC0kGso6FaglgWY
Score

10^/10

lokibot collection discovery spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Lokibot family
  lokibot
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Email Collection

1

T1114

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lokibot family

Accesses Microsoft Outlook profiles

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2