Extracted

• • Target

    e20cf5c319fe815eb1845556289e56f8c3241019a907adb6f4a33e8dc9ecab59.exe

  • Size

    559KB

  • MD5

    f13f9ca5ede930df8310e504372ca4e5

  • SHA1

    bd28bfbb2472cd7f66be9cfcc11b77c17d08cec7

  • SHA256

    e20cf5c319fe815eb1845556289e56f8c3241019a907adb6f4a33e8dc9ecab59

  • SHA512

    ffe9fc1378bd084fa785c2d9361c32dcc740355d208b425647b3a0e5b02f8040154e60595e62c8100728ed4ded99c1d9ce3c69de3a8ce4226d50be0c5955850a

  • SSDEEP

    12288:CsHzOUNUSB/o5LsI1uwajJ5yvv1l2ihNYL+58d2:ViUmSB/o5d1ubcvvu+502

  Score

  10^/10

  lokibotcollectionspywarestealertrojanupx

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx

  • Accesses Microsoft Outlook profiles

    collection

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2