Extracted

• • Target

    b0f971c078d16563fb83fad4066ec31b_JaffaCakes118

  • Size

    296KB

  • MD5

    b0f971c078d16563fb83fad4066ec31b

  • SHA1

    665456db184150ed5b0ec4974d43ad2a50406a0a

  • SHA256

    b2d561621fb51170080b646aa96ec14994a3882047fe0adc61b04a07cd618884

  • SHA512

    1462ccaa07bab6743ef4dcf2adfd82bc4dbb498562c83e3d6bd031a1f9d01928bbe5bd29240b52c7b34149054c907471222fd96061e56daace9b84268115c186

  • SSDEEP

    6144:AIqYfzlR8NE20CLcE8/AhWUdmS4TTNEAtBUz9SIAS8XkzWo6PyFq/:Ax4zlmE7CLcE8uWUdmXnNEAbUpaUSoWF

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2