Extracted

• • Target

    80088780f42a493922da6027af86325e_JaffaCakes118

  • Size

    292KB

  • MD5

    80088780f42a493922da6027af86325e

  • SHA1

    112c3f7b0a52beb43658d951ce6062806c0f633d

  • SHA256

    044cc3c2d6f5a51bd99ba65bfe5231a39b0f68401dd2ca2cb4965ba3fd0f8be8

  • SHA512

    8d53d3863b553a1aae513fc59a970d7227565f2ef6e1a14d28f86e05843843459054f2659c213ed1adb75898a3938d57583ff79d673662d358942c7c0216d5be

  • SSDEEP

    6144:bTXif78LNimDVwLU9ahIfrxGzWKlXUZPDdkoyrpVUbgCQ7T7TTchVP:fifoLNrhw6joPlkdqoVJ

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Executes dropped EXE

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2