Extracted

• • Target

    TNT Receipt_#87993766478.exe

  • Size

    1.0MB

  • MD5

    7d6acfeacf49facac641f6911159c9af

  • SHA1

    1640387d381b24e1b9be2cd463a4eedfa3887ff3

  • SHA256

    76d4ecc42ba33b99e9ff0071b2e15f2674387406c480caf9177c103c5091c5ed

  • SHA512

    9bd72dd64672de605994ba37442354f4a5ad1f5a8b845bfeae429e4dcb9ca46090cd8da239ede250ed0db39fed1d6b69bc57677f6db12ba959bd2a98895f4b05

  • SSDEEP

    12288:hqvOWfw2iNP5B8F1CKbeBLiWC63EM2K5rXHCGF0D1S0uRkBLKMH/kvTVWTjuFkhM:hqLo1wvCQM2yFOMkBeMHcv69A1

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2