SYMBOLCOMMON_NAMEaka. SYNONYMS
win.loda (Back to overview)

Loda

aka: LodaRAT, Nymeria
URLhaus      

Loda is a previously undocumented AutoIT malware with a variety of capabilities for spying on victims. Proofpoint first observed Loda in September of 2016 and it has since grown in popularity. The name Loda is derived from a directory to which the malware author chose to write keylogger logs. It should be noted that some antivirus products currently detect Loda as “Trojan.Nymeria”, although the connection is not well-documented.

References
2020-09-29Cisco TalosChris Neal
@online{neal:20200929:lodarat:d1cf82f, author = {Chris Neal}, title = {{LodaRAT Update: Alive and Well}}, date = {2020-09-29}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/09/lodarat-update-alive-and-well.html}, language = {English}, urldate = {2020-10-04} } LodaRAT Update: Alive and Well
Loda
2020-02-12Cisco TalosChris Neal
@online{neal:20200212:loda:3334939, author = {Chris Neal}, title = {{Loda RAT Grows Up}}, date = {2020-02-12}, organization = {Cisco Talos}, url = {https://blog.talosintelligence.com/2020/02/loda-rat-grows-up.html}, language = {English}, urldate = {2020-02-13} } Loda RAT Grows Up
Loda
2018-01-23Zerophage
@online{zerophage:20180123:maldoc:7574f7e, author = {Zerophage}, title = {{Maldoc (RTF) drops Loda Logger}}, date = {2018-01-23}, url = {https://zerophagemalware.com/2018/01/23/maldoc-rtf-drop-loda-logger/}, language = {English}, urldate = {2020-01-09} } Maldoc (RTF) drops Loda Logger
Loda
2017-05-10ProofpointProofpoint Staff
@online{staff:20170510:introducing:7355f5b, author = {Proofpoint Staff}, title = {{Introducing Loda Malware}}, date = {2017-05-10}, organization = {Proofpoint}, url = {https://www.proofpoint.com/us/threat-insight/post/introducing-loda-malware}, language = {English}, urldate = {2019-12-20} } Introducing Loda Malware
Loda

There is no Yara-Signature yet.