Extracted

• • Target

    82dc89757479317dcf084448dd8411b1503442fbcb30589d0f3dbd97d5762c59.exe

  • Size

    306KB

  • MD5

    73f90e1f101dd65da64b3f51d5c73c79

  • SHA1

    998e9def1a207bbb72353b537daba688d7c6862c

  • SHA256

    82dc89757479317dcf084448dd8411b1503442fbcb30589d0f3dbd97d5762c59

  • SHA512

    ef909586df9d3ebac48333a34eb6f231ec7faa88bab3befdc037f8d0bb1b2bb32b0b2f2efbe0ac97bbdd85bfdfcfa6dc32f027f6e458cc8d17733168ae17642e

  • SSDEEP

    6144:eeMIFObW3MII7uCLrKdDeISzOau+7ntkrcvEmG4ioNNtjcBdb7is+q3I1:OI/B0ogwKgmTioNNtgj7m1

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2