Extracted

• • Target

    SecuriteInfo.com.Trojan.Packed2.44597.4928.31978.exe

  • Size

    1.1MB

  • MD5

    002e87b0ea62442b8c89ccfba9137109

  • SHA1

    0b283d4f22bc526f3c2d98b3d64430bba393ebdd

  • SHA256

    722f3b52c9b45f5a0219423bf17052ea5cb2d4e9dc6a461af97ca55f13678ac4

  • SHA512

    9332f8212b18047743cdf8a5ea4e95463d7ad5302c91b05cf9d4b336b55e356912502dc5cda722697026d818675f8e400038fe22ea0ef6f20f7a1fe9fb69646b

  • SSDEEP

    24576:wUTGpqdOpYgvymjwNJgs6+RrGj1En1w5:wnpqdOeg6mOn5Gj1aw

  Score

  10^/10

  formbookxloaderfofgloaderratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Xloader

    Xloader is a rebranded version of Formbook malware.

    loaderxloader

  • Xloader payload

    rat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2