Extracted

• • Target

    6553f13724c9450f8568b76bbf5ae58bd20df6b2c82fcdd4735045a9abf38224.exe

  • Size

    426KB

  • MD5

    65cfd297d07e70f3ad5986c506470f6e

  • SHA1

    20248d7d7fae80a826bbf815281767c687ad4287

  • SHA256

    6553f13724c9450f8568b76bbf5ae58bd20df6b2c82fcdd4735045a9abf38224

  • SHA512

    98e3879460ecdc9793ab274c28f799dfdde1b7e89a545df1164dc8f62c22eb38289e8515b9433ed1cf34000120f941a086043b6283130c3fbd8172ecdce6175b

  • SSDEEP

    6144:vGxhLpRI6hv9emJQN60HNUfWCnul/3oehlEiS1ZW8pjLJt:e0iQ60HNwnul/3oeMfpxt

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2