Extracted

• • Target

    44f7ef2579c6f7218614ce7336e19b05_JaffaCakes118

  • Size

    242KB

  • MD5

    44f7ef2579c6f7218614ce7336e19b05

  • SHA1

    ddf12087417da7974a6122616beebf62ccb8d8f9

  • SHA256

    21d20868359158bc59aef5f5e508121ffb4a299883d8f454c3f40a9a2170d6ae

  • SHA512

    b7db384b82696228ea4807254f2fc80cca5de1735b12f30a45d45b4e527ae06d4aea07adb1f57f6cb3ffaadce24d62b841437c26ec4ec26856db6b82cae4025d

  • SSDEEP

    6144:qOxS919/EnkMwmeKvMjh9QOYeXxkP3MktSrDvs2qmZf:qD9rAkMqDjYKkfGDvb9N

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2