Extracted

• • Target

    3f85197eab7e137d56013cf9d2004e0d_JaffaCakes118

  • Size

    807KB

  • MD5

    3f85197eab7e137d56013cf9d2004e0d

  • SHA1

    fe1621972a884147c1b670365d4917393c58c78d

  • SHA256

    3b03e7a0c4f16bb23ca78cb667dbd47828836203533a7bd258bfc061d7c07d2d

  • SHA512

    eba599601c221a7526adf8771478ec5f31e352e2c07e1b2b7f388f8dfb8f7a1d194f9cf4149c9ecd623487f725a3302347849fa63051230c180bcb155a27c85a

  • SSDEEP

    12288:GqpyvUIZbVlBPI2VBPVKjVrXv7ZKZPrSbzJDRABBnQL:OvDBlBPIOBPkBXv7WPrKzBRA7

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2