Extracted

• • Target

    05f763c6293bbf6ea3cb055043265326f6d714b30b7032a6fcbe236bf46233d9.exe

  • Size

    520KB

  • MD5

    cdad057bf858cecb47bcf67d3b9fe985

  • SHA1

    0e51ac74967a4771cc5b0e0fa16039da7d1ad97b

  • SHA256

    05f763c6293bbf6ea3cb055043265326f6d714b30b7032a6fcbe236bf46233d9

  • SHA512

    4508956347171da74e06c8b7aa5dd6810d2d2923065a47ebd4790644729db39c4e3ea77ceaf36898515413fd7a10666987706fae293957ecbf8fd87f92117292

  • SSDEEP

    12288:KQdRlF6OB7cYznoRyTctRdJyzjDA/N0AJ7y0muakyLb5Z:fRv6OB42oRyTgyzjDA/iARmZkMdZ

  Score

  10^/10

  lokibotcollectionspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2