Extracted

• • Target

    ff96a0a6a898a47265a817b0bf97ab1d_JaffaCakes118

  • Size

    660KB

  • MD5

    ff96a0a6a898a47265a817b0bf97ab1d

  • SHA1

    be983a6e8048e17e3475d3ce2a75844fe8b51a76

  • SHA256

    e71703a89fb65868f5daf7517bdd13d16ad09fc7f9a7b3bf4a65fa67844c4b1b

  • SHA512

    7f3c26df383b7aa8d8fe1a1869f519a1e039a36a5d4c4438e151e4f0b9dda6fa41b75b0d8396053aaf5c91ba690c928b30b1836eae150013600371ffbebe0e9f

  • SSDEEP

    6144:73cz/lhDZM7M00G4t2aFu7V1juxuXu2mid4vwfWZgUGDSG7XkimflOv:DcZFW0G/0u/tXuts4vwfW3mSe0imtO

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2