LOKI

In-depth threat intelligence reports and services providing insights into real-world intrusions, malware analysis, and threat briefs.

LOKI: A User-Friendly IOC and YARA Scanner for Compromise Detection

LOKI is a straightforward IOC and YARA Scanner designed for detecting Indicators of Compromise.

Detection Methods Overview

1. File Name IOC: This method performs a regex match on the complete file path or name.
2. YARA Rule Check: This involves matching YARA signatures against the file data and the process memory.
3. Hash Check: This process compares known malicious hashes (MD5, SHA1, SHA256) with the files being scanned.
4. C2 Back Connect Check: This checks the process connection endpoints against known C2 IOCs.