Extracted

• • Target

    SecuriteInfo.com.Trojan.Garf.Gen.7.4898.19865.exe

  • Size

    214KB

  • MD5

    6b3d29a22eeea61a865cd1deaef52404

  • SHA1

    2dece08d70ac3a0d45c48d452a0c30a1e53b72e9

  • SHA256

    b4894e0512db4aba5a1fd05d2415b5ad5f73474d456c9c9ddba8753e5ba37597

  • SHA512

    bb16350dc81183e1f95c5d5a320bbfbc7a601f59430aa0436584b8f01e2d014229f60f0eddcf9186edbc01af71b2a4a79b01320e09867b0749a718f6ba0752d6

  • SSDEEP

    6144:qweEpIIIg4H0ppuob6GzeFAQeKjGiaRhIsmN5cxPqO3r:btIdH0Z6GSOQeKqiAhIGCg

  Score

  10^/10

  formbookje14ratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook payload

    rat

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2