Extracted

• • Target

    da32c24a460cc7a3134f189037333434ae1160aa97121b85a938060d1dbd1be8.exe

  • Size

    311KB

  • MD5

    e37d03ec97ae9fd4071378ee4a72e299

  • SHA1

    ea15d74ab5295b3733e4b498ec2c9ebfd28c151f

  • SHA256

    da32c24a460cc7a3134f189037333434ae1160aa97121b85a938060d1dbd1be8

  • SHA512

    0e0a7ab645dcd5c1dd8eea764f5ec5b747ff75ea8c9f58138abf6eba7c514331530cc81bd661261f2d7fbb85eab33f64cecb27865d423cbade72313861a328be

  • SSDEEP

    6144:tLeMIFObW3MII7uCLrKdDeISzOau+7ntkrcvEmG4ioNNtjcBdb7iZwrM3I4:bI/B0ogwKgmTioNNtgj74O4

  Score

  10^/10

  lokibotcollectiondiscoveryspywarestealertrojan

  • Lokibot

    Lokibot is a Password and CryptoCoin Wallet Stealer.

    trojanspywarestealerlokibot

  • Lokibot family

    lokibot

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Accesses Microsoft Outlook profiles

    collection

  • Suspicious use of SetThreadContext

  behavioral1behavioral2