Extracted

• • Target

    2402f165befaa33e3700592cb7defe4c

  • Size

    536KB

  • MD5

    2402f165befaa33e3700592cb7defe4c

  • SHA1

    e1c0b072bf018dc8af85ff4972a7e0718a4c7bf7

  • SHA256

    cd71cf303bb183ffcf34487f8db9b3c05f517e0659b972153d5739422da9fbf3

  • SHA512

    ff5f1dac40696ba5875abd8baad70b6b5c2fad8485530c6a09217c5d1ce9cd57b761861aa4d07998b13f12f85353336332649b3b6fa036489cd95d8a5a89e322

  • SSDEEP

    12288:C0v18ALEf9yyKEyBxH8qr+axm9UfQ0J+/t3zlVlhq40wTgcJ:C0v18ALEf9yhEExc4m

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2