Extracted

• • Target

    JaffaCakes118_d10abec08c013481440e91aacfbd228e

  • Size

    366KB

  • MD5

    d10abec08c013481440e91aacfbd228e

  • SHA1

    a3f94b322f6ee9a050e6546fd39793b44246a977

  • SHA256

    c58eb58f1204138ebc61f3a6fb5d965af19616d668b25a43c1666beebca87520

  • SHA512

    1db885420bac7b38889d98ce85e387bddf4fe6bc24b849c1bbdcd4e32a267b926c09b6628bc76fb771d545abdc14d11a3e1d9a7fa380eeab520f208b87527bb1

  • SSDEEP

    6144:u6Uqd2GhNjRcmNtmnLlHqpVXbbjno+5hV5VXJA8DylJsDWKWHSH7:bUi2iNNcwtmJHqpVXbvnoA88WaWZ27

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2