Extracted

• • Target

    3c74c849a09e708972e0dd3b46cd9f583059f8f5cd9d3f2db5bd3a9b8a788c41

  • Size

    726KB

  • MD5

    8a86ecf19e44fdb01bebd049066ae5ec

  • SHA1

    7be3fa1a92526cce784e8ba0f06f0183448dd5a7

  • SHA256

    3c74c849a09e708972e0dd3b46cd9f583059f8f5cd9d3f2db5bd3a9b8a788c41

  • SHA512

    eed9861b59a46e4bafe3931dc0ffbe3e95bd30b7208755544c7e721579e1f38aaf5c9d3dceb8868cd3a0010bff851630cef1a9ef2d7c02a5a7a51e8d4ea7941d

  • SSDEEP

    12288:31MPA3bSkmtgIXHDiwOtUeQ9B7Nusv3ZV+hliQdRIOrx7p58lCrd4gyQapWMsN:6A3b++FQrV3ZwliQdrxN5IC54TWMa

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1