Extracted

• • Target

    3893586721360d2a5473112f488b3386_JaffaCakes118

  • Size

    935KB

  • MD5

    3893586721360d2a5473112f488b3386

  • SHA1

    fc7ae99822d6529344f90416c8efd7eb9db3e79d

  • SHA256

    f1abc1c06fdb6ef8f7ea922f5d329dc2ad7dbdf7e1fa499dc5dc3eb6479ba299

  • SHA512

    bccd61bf8e42846fca91b7336554e5fcea8d5e1b97bfb9a8b8e92a6048ce3691a427dd0668e9f274cc972b067e719133b16a6a4e8441d774497af3a0c4bb6769

  • SSDEEP

    12288:ma7KPMyn3rojRD39ipKiw27ZdKEQrdl5/f3u3RydSTlye42Aj:77ZKodD38paw7or1//YR3yCAj

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2