Extracted

• • Target

    JaffaCakes118_c58e48fe28f84e2359af820fb583bc82

  • Size

    419KB

  • MD5

    c58e48fe28f84e2359af820fb583bc82

  • SHA1

    b0d7dbab93f62bfdd5c1178c98a3f1b3c7059894

  • SHA256

    2587179c5c51388c763787aaf3449a1c61b710db165a53ffb7510c1eadfebf01

  • SHA512

    a1af6a4780a4685b1d750f7bf94dc8ab87ff380ffac10a2d4f86d4c49c2e3ea9004973001e4880f48c3c4c7e085104524d5456c3e49c6ee93ee6d3cebf8ca6aa

  • SSDEEP

    12288:bUzcPZdUi2iN7EQfpl5wzR3CUpXEiHa3:4cBdUi1hEQfpXwzR3Cb3

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2