Extracted

• • Target

    Proforma Invoices Oct & Nov.exe

  • Size

    525KB

  • MD5

    3102ded8150ab50942806fece47877d9

  • SHA1

    0ea08a674c07a4f354ed7501788db4e3e17298c0

  • SHA256

    c14f938d6e95748fc2a3102fad37c48cc3d720cbe43420822c1b6da13ed800f5

  • SHA512

    4d18f8076876afe0a455350cf057e507324840235929557d6199d40d601df18dfe00ca96835a13cafddf429cbe9536f8db476e7f658ddaf764e8e906ec56a7de

  • SSDEEP

    12288:DOv5jKhsfoPA+yeVKUCUxP4C902bdRtJJPiUVrRGghXgLxH4oJ:Dq5TfcdHj4fmbVQN/J

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojanupx

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Accesses Microsoft Outlook profiles

    collection

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2