Extracted

• • Target

    Proforma Invoice.exe

  • Size

    526KB

  • MD5

    8a837ff22ac4b29071a8bb9a1990b2e1

  • SHA1

    13325e7f017dbece8799c6a474c2b5c7869fce07

  • SHA256

    6cca6d4fdb09556a47e58c002e227f93281ca6f7f553acd054e6ced27a124fad

  • SHA512

    effa316f2428f9410e12f27f34d47fedcb807c12f86eee2f1e6ddf6f09a29765aecadca7488b2db33b70683e0cb2961134b7dbc3dccd82b50f1d5aa8cd3b20a3

  • SSDEEP

    12288:+Ov5jKhsfoPA+yeVKUCUxP4C902bdRtJJPiv27j8JnB1a:+q5TfcdHj4fmbbMra

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojanupx

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Accesses Microsoft Outlook profiles

    collection

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2