Extracted

• • Target

    2982052f88d1466a184ca0620aa4ee6a_JaffaCakes118

  • Size

    319KB

  • MD5

    2982052f88d1466a184ca0620aa4ee6a

  • SHA1

    48d54e8d0eb8ed39c4a37d7fa66f64ca623bbaaa

  • SHA256

    e2ebeb9d7ac12f7465a44a186f2bc83be704f09a003530f40474bb4546769124

  • SHA512

    49092f9cae8d841e4f3841c8b0c0d5c1653f42a6030cbb55e98bf52ba0311ee15f4a059a06f79a84f0534f5e3ccfc8977177365a42058cad5f04f19135230eb5

  • SSDEEP

    6144:8urVvGt4mbGJgoZZcX9ETfwMvIsF9lTACVDkK0CPuT:8dtdggcsUfNFDACVf

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Loads dropped DLL

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2