Extracted

• • Target

    PROFORMA INVOICE210505133444.xlsx

  • Size

    804KB

  • MD5

    f1564a3a6e6a3227169d136c2652eaf2

  • SHA1

    6c17ecc0377cf31207087f53cf4228ed98939d3e

  • SHA256

    195f8028bfd632ee22ff9c3e25de3b118f0847fb21fbe91ba722ecbbfa5f2869

  • SHA512

    fedfd51564d0f06cc20e068726c6154f1aa380b4c182ab7a423d9ec3690aa13199cc77573cab010b3d61c389ed52470bd6a565a32723cadf2ed1fdad71456522

  Score

  10^/10

  formbookratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook Payload

    rat

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2