Extracted

• • Target

    d3ee7393910bb75330afc26aac3a742a.exe

  • Size

    661KB

  • MD5

    d3ee7393910bb75330afc26aac3a742a

  • SHA1

    ecac5b1a9f4a9242dd6dcce1a5405e2f1c5a1098

  • SHA256

    57cdb4d1bc88747a4552289f269a58948d096853d812b2224feab1751d974c30

  • SHA512

    9e9753e0040fddb89be965125ef1fec5b71a7f043065af8131b411a1449abef0e231fc6a8683a7a87dcbb7b486dcf7f9b39e10816303c0a0e9506af0002dcb08

  • SSDEEP

    12288:CHK1X2iNV66BbHOo66BamDadHVRE1CGyXBJAZ98sh5+7:L1nVdnV0mDaPR4pYBJAD8sb+

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2