Extracted

• • Target

    Purchase Inquiry_#466789.exe

  • Size

    522KB

  • MD5

    5eece0f9333721c96803f39becae9fa3

  • SHA1

    4508905c92a34c55d3b9b9fa5700c6b640b9a200

  • SHA256

    706a564a593479d9948fe8cfe542c4a788a80e3d08c38dc888179c5340023a08

  • SHA512

    09922db0f9814db2398c2f468a56168e36d2b272aafd401dfc607ab78d3599552843cafab443bc6d64997d64fe51774b50adfe952a1938e70390df2d71602144

  • SSDEEP

    12288:EOoSQi8LkpEauXFg5bb4P2mvtjB7NAtAHyDBWjUNoxsdlh62b7e7kR:7LvjE9XFxP2mVN7quHydWjUeWLOe

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2