Extracted

• • Target

    3c5103c77675f880bf0922121845f60f155d06eae43f7519c4916bb3196b8e55.exe

  • Size

    178KB

  • MD5

    98a602591bf121ef9282ce623291a941

  • SHA1

    0c54e2ccbb64815c9e981af8e35feec1efedbd2c

  • SHA256

    3c5103c77675f880bf0922121845f60f155d06eae43f7519c4916bb3196b8e55

  • SHA512

    83f5af0bdc87f88056abd03eb7dab32e6a21204ec9bb8b8ce328f3ea9c7ab7e764b1cf358ad16dbb7c1016847fadc029e248420f8298927ad8e9b364140f2aa6

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Executes dropped EXE

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2