lokibot

General

Target

f510fe6ae89ff655c0e174bb70e22b0c3ad067a74716d5dd27868de3ec791335
Size

528KB
Sample

250221-hrpejavrd1
MD5

1d11e5927bb9d5dc72a00ae2f60d87f8
SHA1

209a4fae2cf0699c8f9f8d707e9012ffc37aaba9
SHA256

f510fe6ae89ff655c0e174bb70e22b0c3ad067a74716d5dd27868de3ec791335
SHA512

dea5667205f8a1affe23876283cd17ee9374fb18c779c103cebe4d85f036ccc023aa9809bac8994ab069384b5095387aff811c9aaf77a2a51a05b391a59c6f24
SSDEEP

12288:+jSIohZs0pLaRb/o4MMxBCA6VTsXviASQg4p3V:ESIWC0pSGWBCtVTgv44JV

Score

10^/10

Malware Config

Extracted

Family

lokibot

C2

http://royalsailtravel.ru/Sacc/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  vslv91734231.exe
- Size
  
  945KB
- MD5
  
  6bf7f7fe6bf19076a75058586aaf4801
- SHA1
  
  26c37bfb14bc3333f8a47227b67c2e3a3b56bf0f
- SHA256
  
  ef38590a523e08f62162a2a72c3c8a2feec903676ce4cbce511b04e4ce8e3e40
- SHA512
  
  7daf241aefba34a15ce97642b27c78ff332d89f2c96ddb580e7207018e314a760e5e0b5002b5eec6ef7b8111783df2bced4c8592bb0f6f8c46359ba291764955
- SSDEEP
  
  24576:hu6J33O0c+JY5UZ+XC0kGso6FaH9gvo4b+WY:zu0c++OCvkGs9FaH9gvo8Y
Score

10^/10

lokibot collection discovery spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Lokibot family
  lokibot
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Email Collection

1

T1114

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lokibot family

Accesses Microsoft Outlook profiles

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2