lokibot | f1a43d8b49bda3c88eb1c314c9460a92c0b467ea8db4c9086ac8e3bfe358e511 | Triage

Sharing

General

Target

Conan Fegan - Aluminium.exe
Size

389KB
Sample

210222-ztx1re215j
MD5

708ee64939578fbb07010e20f6c7672c
SHA1

335dc9a9142b528848b8446be2afda844f6d673f
SHA256

f1a43d8b49bda3c88eb1c314c9460a92c0b467ea8db4c9086ac8e3bfe358e511
SHA512

0760e722df49e3a10b26320b54648029c1d7e2862bca7f1bc4d9a60cf9a46a6d847eb3a86825ea1faa59aaa93725d601cee8c3167f4a8fe01ff4454e823fec9a

Score

10^/10

lokibot spyware stealer trojan

Malware Config

Extracted

Family

lokibot

C2

https://www.ritcophysiotherapy.com.au/wap121/five/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  Conan Fegan - Aluminium.exe
- Size
  
  389KB
- MD5
  
  708ee64939578fbb07010e20f6c7672c
- SHA1
  
  335dc9a9142b528848b8446be2afda844f6d673f
- SHA256
  
  f1a43d8b49bda3c88eb1c314c9460a92c0b467ea8db4c9086ac8e3bfe358e511
- SHA512
  
  0760e722df49e3a10b26320b54648029c1d7e2862bca7f1bc4d9a60cf9a46a6d847eb3a86825ea1faa59aaa93725d601cee8c3167f4a8fe01ff4454e823fec9a
Score

10^/10

lokibot spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

lokibotspywarestealertrojan

behavioral2

lokibotspywarestealertrojan