Extracted

• • Target

    e0fcbfd00a1701a85bca2f1d8ee33151ffdc7f477b540d6ccbf1cc549b6b83c1.exe

  • Size

    373KB

  • MD5

    adee8745abef1d79ff97343ed015b31e

  • SHA1

    012174a8eba98dbfe1c819d5320a8c635f6ce868

  • SHA256

    e0fcbfd00a1701a85bca2f1d8ee33151ffdc7f477b540d6ccbf1cc549b6b83c1

  • SHA512

    ba8f98659e5e6938901e2849cd846c856c37544e6d41b40f4d7d9f507f8a72ecd36902fb2f415c2822dd1711531a909a356e598fda37733edb4763bed63a6498

  • SSDEEP

    6144:r6Uqd2GhNNqhtkeplw5Pr17r9q0QSlPHfZvvFd2zLq29EdInfO8R:OUi2iN8keplwh1nYqRHb2qvuRR

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2