Extracted

• • Target

    7ab2739191ffe0747c6d98daf2f5c266b1f75b6952022df5477c999ea3c4966c

  • Size

    638KB

  • MD5

    a9230f4ac19c05db8a4cb51d38677cd5

  • SHA1

    8076db6339ae1402f282ee7f85f185bc31f49c33

  • SHA256

    7ab2739191ffe0747c6d98daf2f5c266b1f75b6952022df5477c999ea3c4966c

  • SHA512

    96f4a375d016280a7c27555995d52dca587cd7cc7b8ad15c8e686554ec781c112b7dc2165705781a0dbca9169fa34aa76063d56e5f380e29ae6a29b6942256da

  Score

  10^/10

  lokibotcollectionspywarestealertrojanmetastealer

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Meta Stealer Stealer

    Meta Stealer steals passwords stored in browsers, written in C++.

    stealermetastealer

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2