Extracted

• • Target

    JaffaCakes118_892f5eb4d4352b78319e5bfce408f630

  • Size

    429KB

  • MD5

    892f5eb4d4352b78319e5bfce408f630

  • SHA1

    a801c5f7e7c6239c6fad6a45ee35b13c981dd3ca

  • SHA256

    966ee572b01c175987737437d167c9edf7846d3320805ba6a63f197086b36ad7

  • SHA512

    90ac08a8af227c42f1221f1bb2e4694eb1b6e9a6fa5aaa2716cf2d6605aee4b7b8f02fbdf4d042ed027ca94a599755b43410c605f10aae629f6f59404284a2e4

  • SSDEEP

    6144:CGxhLiIiSv/i9s0ONLRs2dT9xRmpRXN7hJyIWasraTQrHwC1OwL8:LdJay9SQTDRmpz7hhWasrakrHwMOw

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2