Extracted

• • Target

    ad2bc9259c1e585d4f57ef642ba39761_JaffaCakes118

  • Size

    1.3MB

  • MD5

    ad2bc9259c1e585d4f57ef642ba39761

  • SHA1

    4908cd9062033ff9754bb44524843ba1aecf2312

  • SHA256

    10a9b096a58113207c7609d58e6e9b5c83e819357fe2dee6f92a02dc63b65d74

  • SHA512

    e1fbafff8f5d949fd50cf51053997a4561de9c5208775300e8efe0f15455d12b02ddabda61f6f220316676496d2c8d026f88ddd5914f47a7280babd2206ee298

  • SSDEEP

    12288:qwzYSMYbRnmb4yyaPwUfcYG9mCEnqIT2fXdk/HmUVpJ03EVinI:qYYS9Ri4t+1qIT2fXdvOF

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2