lokibot

General

Target

eacf155fa8949f4969ec58a9f164622cf227cb2274fa0173fc8971d0c7e09e93.zip
Size

528KB
Sample

250226-fqwq4s1lw9
MD5

d0b28b4bca2208bae860c8cdfd12b454
SHA1

8a44ef92e9ecd08e8515e2a044eb0bab2a0ebc31
SHA256

eacf155fa8949f4969ec58a9f164622cf227cb2274fa0173fc8971d0c7e09e93
SHA512

2cfef3efcc894d558a2a2451d6cec9c63625421034f1b16da03a2e7778c92791c582137d5a71a7a9e8823ce64762fe7ae5b973f0f4266cf90ca14751a6b244d5
SSDEEP

12288:GOisG/uziDOJODs4+h2dGaEvNtN4D+hWIC6ap3NZj:GZs5ziDfw47Gnvz2D7RNL

Score

10^/10

Malware Config

Extracted

Family

lokibot

C2

http://royalsailtravel.ru/Sacc/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  QUOTE_1.exe
- Size
  
  946KB
- MD5
  
  2c70152d969c9348058eb77552791cbc
- SHA1
  
  fb70382b31b9797c9df442d8c488729045ca1382
- SHA256
  
  02e2b52e0906320509c198fc82c8d369506c7c387e52e6e615e25a0dde0b9db4
- SHA512
  
  99620b61a0b41607e713e2ce4277615fc2b6d0f6b095c7e9cdff75ca5d16e460f32ed1dc9b7fda629fc814eff317780f3602d21172b22b710aa805329b58bb6e
- SSDEEP
  
  24576:tu6J33O0c+JY5UZ+XC0kGso6FaobJXKCWY:fu0c++OCvkGs9Faop6Y
Score

10^/10

lokibot collection discovery spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Lokibot family
  lokibot
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Email Collection

1

T1114

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Lokibot family

Accesses Microsoft Outlook profiles

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2