Extracted

• • Target

    JaffaCakes118_b59b03eb360520c77b045e12c0757b71

  • Size

    1.0MB

  • MD5

    b59b03eb360520c77b045e12c0757b71

  • SHA1

    066aff5336dcfb1f6e8ee6dadd51fd9020dec0e1

  • SHA256

    9f9c0eb9c4b24dab687e7d0bbde4964aaa92860d01cd925db182356e5a4052d3

  • SHA512

    d95e93021637e1fe68ebefc81db7530a6566d510f58746f5792814f31055133e6df416a5e069cb065db8cb6ac193c96e9f7dc669a46b8d1dfd3a4947cda7f622

  • SSDEEP

    24576:j7Xu5WFOBJ+OfXokA8ysqGyGzY/UH1PCvbWtSWg+Nq:j7Xu5BJv4kAlsCkYUH1PmStSWg+

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2