Extracted

• • Target

    309273a4353e215a26f6ceebf70b4c1b

  • Size

    249KB

  • MD5

    309273a4353e215a26f6ceebf70b4c1b

  • SHA1

    5e5c25b8a585b9e88069cf0c0522e996197ffe30

  • SHA256

    e79623343ba17a7d652e7f27b09bf58c029e00109f888cb21f8f2b1ceccf7d71

  • SHA512

    2e88e768b61f8519d0eac3f1cbc25219f722f48511901f2f052a35049175c4da979fc46e26965ee33edfe1d4407b08b4b0ef753a7320504d8b70de9f30b6fca1

  • SSDEEP

    6144:F8LxBsZpBM0CcEnY5uCHitVfJYG6FPrwegVW4oO2LjnJQCv:/ZzpEYfiffiG0ceg04VkJ3

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2