S0447Windows

S0447Lokibot

Platforms
1
ATT&CK
14.1
References
5

Description

[Lokibot](https://attack.mitre.org/software/S0447) is a widely distributed information stealer that was first reported in 2015. It is designed to steal sensitive information such as usernames, passwords, cryptocurrency wallets, and other credentials. [Lokibot](https://attack.mitre.org/software/S0447) can also create a backdoor into infected systems to allow an attacker to install additional payloads.(Citation: Infoblox Lokibot January 2019)(Citation: Morphisec Lokibot April 2020)(Citation: CISA Lokibot September 2020)

Platforms· 1

Windows

References

  1. https://attack.mitre.org/software/S0447
  2. https://insights.infoblox.com/threat-intelligence-reports/threat-intelligence--22
  3. https://blog.morphisec.com/lokibot-with-autoit-obfuscator-frenchy-shellcode
  4. https://us-cert.cisa.gov/ncas/alerts/aa20-266a
  5. https://blog.talosintelligence.com/2021/01/a-deep-dive-into-lokibot-infection-chain.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Loki Bot
Software
QakBot
Software
Loki
Software
SDBbot
Software
Emotet
Software
KBOT
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.