Extracted

• • Target

    86b9aaa399ec6aa5a99f539922c860c1_JaffaCakes118

  • Size

    317KB

  • MD5

    86b9aaa399ec6aa5a99f539922c860c1

  • SHA1

    83ac3e0814306b580d77f0bd891c279c57cfccb5

  • SHA256

    c59840f2a37cc434ef9e343de8cb199142f80d6dd77e7cfa0869972c76f2af34

  • SHA512

    266163a3160cb86ab289a5d3f7e8c522a87c48dafab681bfb2d13a26e60672f8f1fa00382949b5c51794da8c3622be5b5887e439727c4678dc57a36547b016f6

  • SSDEEP

    6144:QGHX5Iphy5jt7XKk7ZHhooeIhcK7O46LalbCPrHWV730Q/CR8SEoZtF:QAX5Z7t7xmCcK7gLMCL8bKooZz

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2