Extracted

• • Target

    26c2843e979b2cfb7f5d649935e0d51e_JaffaCakes118

  • Size

    460KB

  • MD5

    26c2843e979b2cfb7f5d649935e0d51e

  • SHA1

    7ebca7158a3e6cd5a38d7dc9963aebba95cebf08

  • SHA256

    06318d3332ca9f12ac3bcfde1a75cd54283c2a57f9a33f0648638d3760ca2d98

  • SHA512

    aca7fa6c93c4f8edc844b1cc0c698467b92178b863ed5f7bac47b332a9ef7657d6ffbdc6ea415838cccdd39d2dd558f0624e743a175932d975a3b1960d1db7a2

  • SSDEEP

    12288:OsX0Y4OV8l0LwrJ2ekR00ua7xDIVnsRv48y8pk6hm:NeXqLwrJ2PtPxynSbRRm

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2