Extracted

• • Target

    cfdbd2b514b9d9b09e0c52c21c972385_JaffaCakes118

  • Size

    242KB

  • MD5

    cfdbd2b514b9d9b09e0c52c21c972385

  • SHA1

    fb4f74fd528a33226b25c68a54b5cf45080044bc

  • SHA256

    d8bb1bb8587840321e74cf2ab2f3596344cbb5ffeb77060bd9aade848fed03fd

  • SHA512

    c54cd4f43874290e87691ed7285cdec305433945e4bb02581bcd8d49702b4a98bce633530d2970a2b93cb195c700a6e9f28b9c4c47cd8ed6b47d3f8af014b5b1

  • SSDEEP

    3072:IcWEfvPO8t/STUsDQUoqeKHXuImmEvDxugn3cXpjvZ0q5TciX4Xe8S:IcJHPO8taorn8HXDg3cXplhpkeT

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2