Extracted

• • Target

    DHL Express_D09884445.exe

  • Size

    495KB

  • MD5

    e7d0fee78fbbd99cc4d5fbede8a87f1e

  • SHA1

    b20ac6c0c1880785878030c2d1a415b2649032db

  • SHA256

    2039b244c42b06c3133712d5ac6819bb3a913fc3fa837c2f533aa9eef6380024

  • SHA512

    94b8a9e742ef394b8a76ce25b7d790aad2e0dd58ee5029459ea5bbe5066ac526d72ad5afff840c008931c0affbbb9b2ee08f1a9d43678c889ee09f862c7a3268

  • SSDEEP

    12288:4qTrQaSejL8Zm9Yfk3nGtTktmile5HVjgoLUzVN+7:4qTrQaSejL8Zm9Yf8w5iU5ZTaVN+

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2