|
gptkbp:instanceOf
|
malware
|
|
gptkbp:abilities
|
screenshot capture
keylogging
form grabbing
download and execute files
exfiltrate data via FTP
exfiltrate data via HTTP
|
|
gptkbp:alsoKnownAs
|
Loki Bot
Loki PWS
|
|
gptkbp:category
|
cybercrime
infostealer
banking malware
|
|
gptkbp:commanded
|
gptkb:FTP
gptkb:HTTP
dynamic DNS
hardcoded domains
|
|
gptkbp:detects
|
gptkb:Kaspersky
gptkb:Malwarebytes
gptkb:Symantec
gptkb:Microsoft_Defender
gptkb:Trend_Micro
|
|
gptkbp:distributedBy
|
malicious websites
malicious email attachments
phishing campaigns
exploit kits
|
|
gptkbp:firstObserved
|
2015
|
|
https://www.w3.org/2000/01/rdf-schema#label
|
LokiBot
|
|
gptkbp:notable_campaign
|
COVID-19 themed phishing
2017 global phishing campaigns
|
|
gptkbp:platform
|
gptkb:Android
gptkb:Windows
|
|
gptkbp:primaryUse
|
steal sensitive information
steal credentials
|
|
gptkbp:programmingLanguage
|
gptkb:C#
gptkb:C++
|
|
gptkbp:relatedTo
|
gptkb:Emotet
gptkb:TrickBot
gptkb:Zeus_malware
|
|
gptkbp:sells
|
malware-as-a-service
underground forums
|
|
gptkbp:targetedApplications
|
gptkb:Google_Chrome
gptkb:Internet_Explorer
gptkb:Mozilla_Firefox
gptkb:opera
gptkb:FileZilla
gptkb:WinSCP
gptkb:Microsoft_Edge
gptkb:Microsoft_Outlook
gptkb:Safari
gptkb:Thunderbird
|
|
gptkbp:targetedData
|
cryptocurrency wallets
SSH keys
FTP credentials
VPN credentials
email credentials
web browser credentials
|
|
gptkbp:usesMalware
|
gptkb:keyboard
information stealer
credential stealer
|
|
gptkbp:bfsParent
|
gptkb:AgentTesla
|
|
gptkbp:bfsLayer
|
7
|