Extracted

• • Target

    3361435f0e37bb30c5c3baa430c8a858_JaffaCakes118

  • Size

    767KB

  • MD5

    3361435f0e37bb30c5c3baa430c8a858

  • SHA1

    7eff2ae3502173cf2449f40a3af34ca436bfe228

  • SHA256

    767193f28a5cddd2dd46f2daf3eb32a00f9e100565da64f612099e1ea297e8a7

  • SHA512

    783b377b8e12e6bb14237fee174cfd046d40bd519031f0d565d4ffced95978dbd69df400c400b5f205fe894fccd3876099e7f7834a452dea731ed383f13aca24

  • SSDEEP

    12288:E38ZC2jTIBwgM9poZThtKyx12lwLxog3rChBQhwIRP1rOcLXSobjzNzEx:WfzBw3PotKWR9h3On6t1rOsS2jzNze

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2