Extracted

• • Target

    JaffaCakes118_e412dec033b703991798c4ac7f7b013b

  • Size

    373KB

  • MD5

    e412dec033b703991798c4ac7f7b013b

  • SHA1

    fc38d5190806fce07fa3c486d70ac8ab58baacec

  • SHA256

    7cf06b90a5f6e000c6ba7d7af40eddbf37c90f6b17fe4bf4069260856a33525c

  • SHA512

    ff83dbd1063f4e1cbaf7731e856e907f5b8983cd353315b4fbe673f5ebd853f01853700d104900fb2b72d2a172c344a942bba2f0d4debabe9a6989c8446125ee

  • SSDEEP

    6144:s6Uqd2GhNgc9bLrEnjDpyxpRq5tnsmOWYbl38J:9Ui2iNv9bLi4xezsmgbl3o

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2