Severity
Medium
Analysis Summary
Loki-Bot (also spelled “Loki Bot” or “LokiBot”) is an information stealer that sends login credentials and other sensitive data from an infected Windows host to a server established for each malware sample. LokiBot is a prolific trojan designed to covertly siphon information from compromised endpoints. The malware is known for being simple and effective, and for its use of diverse attachment types.
Impact
Indicators of Compromise
IP(s) / Hostname(s)
37[.]49[.]224[.]216
URLs
Email Address
inca.chemicon[@]indocater[.]co[.]id
Malware Hash (MD5/SHA1/SHA256)
Remediation