← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Malware Campaign Exploiting Microsoft Office Vulnerabilities to Drops LokiBot
WHITE Superpro 2023-07-15 Modified: 2023-08-14
26
IOCs
MEDIUM VOLUME
FortiGuard Labs recently conducted an investigation into a series of malicious Microsoft Office documents that were found to exploit known vulnerabilities, specifically CVE-2021-40444 and CVE-2022-30190.
lokibotfortiguard labs threat researchfortigatefortimailforticlientfortiedrantivirusfortiguard webc2 serverfortiguard ipreputationserviceteam
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
LokiBot
Indicators of Compromise (2 / 26 total)
All domain CVE FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL
TYPEINDICATORDESCRIPTIONCREATED
CVE CVE-2021-40444 2023-07-15
CVE CVE-2022-30190 2023-07-15
References (1)
↗ https://www.fortinet.com/blog/threat-research/lokibot-targets-microsoft-office-document-using-vulnerabilities-and-macros