Extracted

• • Target

    77a9bf1a5bf83aafee87bfb37d935ab1_JaffaCakes118

  • Size

    802KB

  • MD5

    77a9bf1a5bf83aafee87bfb37d935ab1

  • SHA1

    b4e5ebab6d2834ebb35d0a25ad0695af7d595edb

  • SHA256

    cb786b6896effbf83f899d705e315092bf1cff30958a658cd4a04ec6eb3daa8c

  • SHA512

    b38ba2c1c8e64bc4f833f0af5ddd45ce8a8c95c8b1c5785d66f61d2d510538ced70ee03d9b675cf1705b1ce06920f2fd13f253200cf7f2946e62cf03637b00fa

  • SSDEEP

    12288:yb6mCM9sXHh9BoRPqsxOVKuS5r70xwgeqh043L97/hOddu+5LZN07ttm8:LeSHhYRRxOVGcxJBdb1mdu+327ttx

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2