Extracted

• • Target

    d3fe74deda533bf95b047a36b77780d4ae4d09f8f30e1089de52a7dd6025030b

  • Size

    209KB

  • MD5

    078a4ddc47888a0bd22c98fbb9398875

  • SHA1

    dabf8dfe47b16a9e0ed657533d9e16f9d96bb220

  • SHA256

    d3fe74deda533bf95b047a36b77780d4ae4d09f8f30e1089de52a7dd6025030b

  • SHA512

    f5548058d65059ff010934af7f85b7e48cf3ba4b81226d07254ea1437f1c049f57c194bfb037ee2f4c82aa5241ca11b71c6b3725815861fb5c931df3f9be03d5

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2