Extracted

• • Target

    445342537392aa1e3756715d6f4eaafa281c4b8d5a8bfd104978ce4ce1635ac1

  • Size

    784KB

  • MD5

    dba4ccecc8307d0605845fd39e42ae5e

  • SHA1

    eb125af24da96fa4d4edd94cec7dab168735309e

  • SHA256

    445342537392aa1e3756715d6f4eaafa281c4b8d5a8bfd104978ce4ce1635ac1

  • SHA512

    fd4421a56d53a83b884baf710bd5ba0a079e1a99db7a7c64680c41b7a3e1aac00d61adf481fdb0ded216832a8e633381b9aeae9c456f5f49ff47ff5b391a68bb

  Score

  10^/10

  formbookkaratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook payload

    rat

  • Executes dropped EXE

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2