Extracted

• • Target

    gunzipped.exe

  • Size

    552KB

  • MD5

    fc36cd1e8398a2a80c73adb216e1467f

  • SHA1

    8b23327b0cc9a846d4403a804a4ba510595072fe

  • SHA256

    8711e0e6e3e5e0b15d2998e1a5cd6843d5e6778109b74d6c68679880318b3cd4

  • SHA512

    f592350506b79331137f807ee3f081cad911f4584e9d33923456e7bcb5f73e1c070d39a31f9b7d66be0ef2f2481cb02c80496cd956631e483fc3dedeac79a6e6

  • SSDEEP

    12288:axauTX2lSW6RuDUva8kXdB4/itMklPg4RIKE8NK0EIWDm4:CLj2l56RuDUgHfi

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2