Extracted

• • Target

    Purchase order.exe

  • Size

    525KB

  • MD5

    a5f52a9c799b36cb3b16726d05fa6331

  • SHA1

    ad6282f9ccd7517ff594e7ee1d3f878a0d055c51

  • SHA256

    4832a2cd8445cf94157ca3274a0ada513a2e7b875ee545f589d34859d9c8fbfe

  • SHA512

    f06b79e471f14b4b4b91f65e8a4e7d7763904cf59800f05e701abd6cdd31cb07d86ed0073eb92d2ca31c5ff9e25138697d68d454515a3fa4cdcde56a6ff4991b

  • SSDEEP

    12288:sOv5jKhsfoPA+yeVKUCUxP4C902bdRtJJPiqXV1WYTbCntBmI:sq5TfcdHj4fmbNbCaI

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojanupx

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Accesses Microsoft Outlook profiles

    collection

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2