Extracted

• • Target

    07911697daf414a1a7ec700ea2ba8edd_JaffaCakes118

  • Size

    561KB

  • MD5

    07911697daf414a1a7ec700ea2ba8edd

  • SHA1

    c651317a00e6bac6bc24b1df295b47f8ad20642f

  • SHA256

    ed7e8237e098873b06a9c51541646babcf796f4b8487ee1125661aa41df20118

  • SHA512

    4ba5637a340da4e459b7bffe6054b70c246a321dadafb98bc83aee68667c33f80c8ae81306cbac8798c34a444e78ba5393941037ace26ea70f079c212a880735

  • SSDEEP

    6144:BTD9aca4ZJEXwTmGecw8FAyToIoYi9i6UQZ294/6W1R00RKKLI2PlItEDCpx5XTS:BTD9acRZeXEAMMPYS0QU9KKK3OtwCpD2

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Executes dropped EXE

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2