Extracted

• • Target

    -COA.exe

  • Size

    535KB

  • MD5

    97369a835182e261530a34a778a5b5a1

  • SHA1

    4773a475188ce7cbe12487f8f2b9f101bf68dee4

  • SHA256

    a1f77d1997422f4bb911ad530de645219d7b462baf1b7f6ee346c5409b169a08

  • SHA512

    a4adbfa75645bf72f6524193450596041dc97ef7ec9580f96a5c196ac35a18ff329382218c3e156e90fd2d5977818d150e1d5a3dc4d30751549b5f75791bfd68

  • SSDEEP

    6144:OpOcsfOqeazCR9aYTJ/LZjeEc20Z+qSkDuLjZC0cdZ9gZJ3I+ue0LthRn3zYeNn4:OMPoVjq+3kcjI0cd7UueWhdjYa1RM

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2