Extracted

• • Target

    7faffe7091f5b6102dfb4cea734065df_JaffaCakes118

  • Size

    1.2MB

  • MD5

    7faffe7091f5b6102dfb4cea734065df

  • SHA1

    0ad15267b011455a695082738fad6118ad5fc74e

  • SHA256

    79c75eca7dac75274b5adf215b7d9c89af16b8e3a860926a704fa93cff9e8586

  • SHA512

    e9d7737b467f21dac8a1997deb03960eb620e84e28ec26db316537a9d91d44d85d38598fc41342abb9d7bb4600c806e1bdbaf54f93d5190fad32d7b1a65f0e51

  • SSDEEP

    24576:t0if5tEX7B1DIQaKzgNVXyGP4Ry14gjGTxlQqmPy3:t0HvUcg/rP4MtyZiy3

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2