M22-M7088
Year:
2022
Description
This strike sends a polymorphic malware sample known as LokiBot. LokiBot is an information-stealing malware designed to siphon off sensitive information stored on an infected device. It is modular in nature, supporting the ability to steal sensitive information from a number of popular applications. It is commonly pushed via malicious documents delivered via spam emails. The binary has random bytes appended at the end of the file.
References
https://www.virustotal.com/gui/file/d94a1e9281426e715a46338e94e6b16c614a9ff271da27b3a52c3ddc2985d914/detection/f-d94a1e9281426e715a46338e94e6b16c614a9ff271da27b3a52c3ddc2985d914-1657570978
https://blog.talosintelligence.com/2022/07/threat-roundup-0715-0722.html
https://attack.mitre.org/techniques/T1009/