Reading Room

Malicious Code

Featuring 115 Papers as of May 13, 2019

  • Loki-Bot: Information Stealer, Keylogger, & More! by Rob Pantazopoulos - June 28, 2017 

    Loki-Bot is advertised as a Password and CryptoCoin Wallet Stealer on several hacker forums (carter, 2015) (Anonymous, 2016) (lokistov, 2015) but aside from cheap sales pitches on the black market, not much has been published regarding the details of its characteristics and capabilities. This poses a problem to information security analysts who require such details in order to accurately prevent and/or defend against incidents involving this malware. The primary goal of this paper is to provide a comprehensive resource on Loki-Bot for those looking to better understand its inner workings and to provide contextual knowledge in support of incident response efforts. Contents of this paper will focus solely on characteristics identified during code-level analysis within a debugger. Basic static and dynamic analysis of Loki-Bot will be left as an exercise for the reader.

Most of the computer security white papers in the Reading Room have been written by students seeking GIAC certification to fulfill part of their certification requirements and are provided by SANS as a resource to benefit the security community at large. SANS attempts to ensure the accuracy of information, but papers are published "as is". Errors or inconsistencies may exist or may be introduced over time as material becomes dated. If you suspect a serious error, please contact webmaster@sans.org.

All papers are copyrighted. No re-posting or distribution of papers is permitted.

STI Graduate Student Research - This paper was created by a SANS Technology Institute student as part of the graduate program curriculum.