Extracted

• • Target

    9e35a4beee0d3b8df0920fd5f3f9eb6e_JaffaCakes118

  • Size

    782KB

  • MD5

    9e35a4beee0d3b8df0920fd5f3f9eb6e

  • SHA1

    e6b0a224db2649252a275d8423df0f4f9416fb17

  • SHA256

    0b5f2f86aa2c8593c911b7ba83009e92dca66f466649481a110672c53c6f1183

  • SHA512

    d83992d21d0ceaa7efb9832336a4a8d76265a111de88de6039c7b3216787531e5e16a2612ca0b6c2fda2b328b20b9d8e84260d7f950c40c84779a3e734f86d93

  • SSDEEP

    24576:sLqkmNQ23cx0PK6WHLqkmNQ23cx0PK6W:duQnuQ

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Drops startup file

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2