The message rar attachment contains an executable file: the malware itself. Stolen data is exfiltrated with smtp.
Lokibot is behind a very urgent request for confirmation on a wire transfer. The rar attachment of the email contains an exe: the malware itself. This, if opened, activates the infection chain
Lokibot hides behind a very urgent false request for confirmation on a bank transfer, theoretically coming from a company in India.
The rar attachment contains an executable file: the malware itself. This, if opened, activates the chain of infection. The goal of the cybercrime behind the operation is to steal sensitive information from the victim. Lokibot (aka Loki PWS and Loki-bot) is an information — stealer, which acquires credentials, cryptocurrency wallets, and other types of data.