lokibot | c572680013e561ddb280c781719b704b01a0cf9b7b2446486229ceaf6a63d351 | Triage

Submit
Reports

Overview

overview

Static

static

5

Payroll List.exe

windows10-2004-x64

Sharing

General

Target

Payroll List.arj
Size

526KB
Sample

240617-j181za1hla
MD5

93b76e40f5b38df367ec7fe69de42991
SHA1

4b74405b6cf8ac0adcf5e1a698abb731c3d3169d
SHA256

c572680013e561ddb280c781719b704b01a0cf9b7b2446486229ceaf6a63d351
SHA512

9db8b70b14e093b330f133176a6e829e8de9c9744c643ce78e4cdda364059a791fe92586f8122735a9585db860758eaf84158e7b738da484548a36ee20ece29b
SSDEEP

12288:b+XwLL11jrssWHLaia1574qNY7XKsjJwbbKjPVtZHz1yjE:HLx1fss6aimSjKsiGj9t9qE

Score

10^/10

lokibot collection spyware stealer trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

Payroll List.exe

Resource

win10v2004-20240611-en

lokibot collection spyware stealer trojan

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Extracted

Family

lokibot

C2

https://edgewell.cam/DV2/PWS/fre.php

http://kbfvzoboss.bid/alien/fre.php

http://alphastand.trade/alien/fre.php

http://alphastand.win/alien/fre.php

http://alphastand.top/alien/fre.php

Targets

- Target
  
  Payroll List.exe
- Size
  
  950KB
- MD5
  
  34c6bd6d8454b0ad3eeafefe2c138115
- SHA1
  
  65475d8c787d6eeec41ab3071630234634f5dbf9
- SHA256
  
  6065145b2214d978e1a05db6ba499254426bab54750a56fed42df6057362acd0
- SHA512
  
  1b3534c6b0f5348ef055cfa882f0e78ebffe5d5f5aa9ea170549587e6dc638e2dab723f7f1b4c22c6579252d36896c9fdf5ab6c9e1f553a36bc49c07a4cde679
- SSDEEP
  
  24576:3AHnh+eWsN3skA4RV1Hom2KXMmHaBPt9Xz5:qh+ZkldoPK8YaBPTF
Score

10^/10

lokibot collection spyware stealer trojan
- Lokibot
  Lokibot is a Password and CryptoCoin Wallet Stealer.
  trojan spyware stealer lokibot
- Accesses Microsoft Outlook profiles
  collection
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

lokibotcollectionspywarestealertrojan

© 2018-2024

Terms | Privacy