ioc[.]one - OSINT Cyber Threat Intelligence Database

LokiBot: dissecting the C&C panel deployments

Show in Graph

Common Information

Type	Value
UUID	5df3dd88-765a-4164-ab49-c14599ee371f
Fingerprint	32593f6dc80d4206f5b367b8dd93a15ba77561748e9b2c9044f855e804261721
Analysis status	DONE
Considered CTI value	0
Text language
Published	Feb. 14, 2020, 10:38 a.m.
Added to db	April 18, 2024, 11:01 a.m.
Last updated	Aug. 31, 2024, 1:16 a.m.
Headline	LokiBot: dissecting the C&C panel deployments
Title	LokiBot: dissecting the C&C panel deployments
Detected Hints/Tags/Attributes	47/2/33

Source URLs

	Redirection	Url
Details	Source	https://www.virusbulletin.com/uploads/pdf/magazine/2020/202002-LokiBot.pdf

URL Provider

Details	Provider	Source level domain
Details	virusbulletin.com	www.virusbulletin.com

Attributes

Details	Type	#Events	Value
Details	Domain	247	www.virusbulletin.com
Details	Domain	2	logs.zip
Details	Domain	94	virusbulletin.com
Details	Domain	144	www.fortinet.com
Details	Domain	175	www.zdnet.com
Details	Email	32	editorial@virusbulletin.com
Details	File	37	functions.php
Details	File	1205	index.php
Details	File	101	gate.php
Details	File	33	install.php
Details	File	27	settings.php
Details	File	24	auth.php
Details	File	10	viewer.php
Details	File	2	converter.php
Details	File	61	search.php
Details	File	7	loader.php
Details	File	14	database.php
Details	File	2	logs.zip
Details	File	4	pvqdq929bsx_a_d_m1n_a.php
Details	File	1	m1n_a.php
Details	File	1	_a_d_m1n_a.php
Details	File	1	desk.php
Details	File	1	sand.php
Details	File	1	omc.php
Details	File	1	umc.php
Details	File	1	pen.php
Details	File	1	pvq.php
Details	File	1	cs.php
Details	File	1	loki.php
Details	File	1	new-infostealer-attack-uses-lokibot.html
Details	Url	109	https://www.virusbulletin.com
Details	Url	5	https://www.fortinet.com/blog/threat-
Details	Url	1	https://www.zdnet.com/article/lokibot-