Extracted

• • Target

    8a8f6c7b9c8cee57d97b599be719bece_JaffaCakes118

  • Size

    227KB

  • MD5

    8a8f6c7b9c8cee57d97b599be719bece

  • SHA1

    6c1563076361e6af0775e39b1138983d3057b4e5

  • SHA256

    f6f185cf7c6591797f9df660caf11d8b0485d907ca46a8fdb9b1e31577f2be3e

  • SHA512

    2681c8ab605c1ab0fce1e0ea0e4172b3a560ee1bcc2278506852d7aa39ce45d857a1fc5864cfb9bf1c0daf9d312fb10efaa4720ced1bd8fddac79619dfbf3bbe

  • SSDEEP

    6144:+kYF5T9Uho+dn2qOxjjNb+IcyyVZizBssWkIqtOM0HjWn:85TqLd2q8UIaZi1L/UpDWn

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2