Extracted

• • Target

    059703b7a182a2e9be1567e72d10891b7e0bf8dbe2df1db6268207bf96e7030c

  • Size

    662KB

  • MD5

    8dadad022754626954a2be4a450edd88

  • SHA1

    ef6f08992d0d91617c86750fe6bab1d1de194700

  • SHA256

    059703b7a182a2e9be1567e72d10891b7e0bf8dbe2df1db6268207bf96e7030c

  • SHA512

    52a8469e9ec2c71d3dba770fc55f995b0a70211284598eac5b693d3874f3a4d87086058745f977d5676873d8593deeda1dcde246016c8048bee84106223d58cb

  • SSDEEP

    12288:RfK9AMTihh6xhZ6Oruii50Me2goxfMYA1fm6iDpXoHqtCGzQ:pMUgh8yBergoNMxm6KXDcV

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1