Extracted

• • Target

    da53101e26fe4b8d0cf447ce7e93d50c_JaffaCakes118

  • Size

    1.0MB

  • MD5

    da53101e26fe4b8d0cf447ce7e93d50c

  • SHA1

    44d3120f180e03a17c12f07782eb17bc7fb0db16

  • SHA256

    929ab588109d7a5a57f6132a72bd1fa83edab6a6c790e29a0214af54e57de2f9

  • SHA512

    630bbccb6b6360c952daa3d9d22bcd1dc84a9afc66ae6da4ab8c73f3d9ba975a50c8e6d3e8d1bd079f73ab77397020d83262b51f597ca4168b46b7cd69a782e7

  • SSDEEP

    12288:rbGDS2OW4jifm9RfYICOwDPE5kv6A5oC98iSFmc:vibOW4jbDYhDsuv6AHc

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2