National Cyber Warfare Foundation (NCWF)

LokiBot Malware Uses API Hashing and 3DES-Encrypted C2 to Hide Infostealer Activity
0 user ratings		2026-06-25 12:19:17
milo
Red Team (CNA)

LokiBot, a long-lived infostealer first advertised in May 2015, continues to evolve. Recent samples demonstrate deliberate attempts to evade static detection and frustrate analysis by combining API hashing with 3DES-encrypted command-and-control (C2) configuration stored inside the binary. The result is a compact, stealthy loader that reconstructs and executes a traditional LokiBot payload while limiting observable […]


The post LokiBot Malware Uses API Hashing and 3DES-Encrypted C2 to Hide Infostealer Activity appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.



Mayura Kathir

Source: gbHackers
Source Link: https://gbhackers.com/lokibot-malware-uses-api-hashing/

Comments
new comment
Nobody has commented yet. Will you be the first?
  
Forum
Red Team (CNA)


Copyright 2012 through 2026 - National Cyber Warfare Foundation - All rights reserved worldwide.