A Deep Dive into Lokibot Infection Chain
released on 2021-01-07 @ 06:01:39 PM
Talos provides an in-depth technical breakdown of one of the latest Lokibot campaigns. The actors behind Lokibot usually have the ability to steal multiple types of credentials and other sensitive information. This new campaign uses a complex, multi-stage, multi-layered dropper to execute Lokibot on the victim machine. Additionally, Talos has released a new script to unpack the dropper's third-stage payload.