Extracted

• • Target

    94ad555272ae26415cb4060f749307a9_JaffaCakes118

  • Size

    1.1MB

  • MD5

    94ad555272ae26415cb4060f749307a9

  • SHA1

    7a79fa9940ea62fe1ae9e39f73d5b1b0c99ecb9d

  • SHA256

    294c4226caa4209b7df9c1e4a014d0ef6406e3d69a15dae5b02998820b51a1c3

  • SHA512

    1c0d3c067c72c546c5bc61d59ff9a9b49999e21dba0885f62db6c30376c8310cfcd90b4eac3e6afbcf17dd4471d39f6932a014724342e19e7742495f20754b99

  • SSDEEP

    12288:a3HxvTzdIhHc6s6fvAHL8EIEgCPcuxWlsmP8H7zNA8vF0FBWa4fzU2dFz:a3x3S7s6fvAHa1eWnEb6+OF+z3z

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2