Extracted

• • Target

    fe66ecbd6fd8ab53daf22a4f759ba8fe_JaffaCakes118

  • Size

    230KB

  • MD5

    fe66ecbd6fd8ab53daf22a4f759ba8fe

  • SHA1

    73e04864d4c4d7d402c082c4a6cd9934dd9907cc

  • SHA256

    8fde220d40458eceb049d049f5391e8b2ff8f60e49d64d1272602e97d000a742

  • SHA512

    6e3039f87dbb24a77bbc4599b33f01f6945e5a5e7f808e99e9fae0be48bc6fcee8cbc35425295dfee1fe60d742f5461975f45abd7369d58afd865b3e6abdce14

  • SSDEEP

    3072:7KhRNLktPfWpUDQKsZo9vYCyQw4pa1AfLYPnEpDIEBtK9h1Wi8prbLdhnzcy2bx:76Nk2pFF+pgup4AfLYPPawfW1pbnz8x

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2