Extracted

• • Target

    tmp

  • Size

    1.0MB

  • MD5

    17bbc32ae7b7b8282df2908c19e7af86

  • SHA1

    20fedf92f7e8c031a197bf735ff6fced3d8e96a1

  • SHA256

    0e1d21f60b2306337010b1d717e236067de9c46bd2c4b9f7c38e011af7b46093

  • SHA512

    65ce67671dff258200d21b351915a9a69f4eb64b35fa1bd16549cab6bf0ad9eb7f9b7c6a87c0b7c103afe10c0069a9ab431d1bcedca5d7e7bde82dfd394ab614

  • SSDEEP

    12288:wT7PqP2iNcvaHfNSiJoAdC9Kpki86TPKBt+kY4sDTwKOZLeGu:dP1Ls/Umi86TPKBK4sDTgX

  Score

  10^/10

  formbookey84ratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook payload

    rat

  • Drops file in System32 directory

  • Suspicious use of SetThreadContext

  behavioral1behavioral2