Extracted

• • Target

    Payment Advice_16007618765.exe

  • Size

    590KB

  • MD5

    742b63d93401a9af88183725ee503df3

  • SHA1

    ecfb96a3f57aee691a1c80a750518f39a8cbc474

  • SHA256

    5ffa345944786c7b505a3b1b3392560b1b987529c49e11893642c8be816aa313

  • SHA512

    713a629070a15990f1eaa70368bfa891ab3b736060c129ef689ecc8fd3bc5119de7379e71e272cf05d1fa50c73a68edb92a316a0507ee759e91d939d7b4af9b1

  • SSDEEP

    12288:tGL21ILq9J2cWjoIa8JnjoQ/huW2YxUlbODcOYNSddW4Jf5CoXkR:ML21ILq9JrAa8RjDwLYxN4NGNfS

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2