Extracted

• • Target

    bfd2462bc77e678aaa9b8b3113f40a7d_JaffaCakes118

  • Size

    692KB

  • MD5

    bfd2462bc77e678aaa9b8b3113f40a7d

  • SHA1

    c9c80e41c107dd4981273dbbc27ff8f33b5cacad

  • SHA256

    53a305bfa7b7d0df0e1ffd76a88a18933652fdc8bdfd389a64b5fb6a1dacb05c

  • SHA512

    6dfb4e1824c71b58baf64a922be31325ceccfdb324eb3ed16c690ab1b634314fc7ae80ff82766c370a19b94b10ad7dbfba72de8fcf5da133d3dc01a745c64f62

  • SSDEEP

    12288:cUzzHK7zz6qsN425+7jzeYa/jlcS/tXhAIH1LvyQS:3z+KqsePa/jlcCtXhnzI

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2