Extracted

• • Target

    9a67166c5a81302300022d5fcf029600356460fcf3ce82fa37db08b131a0459f

  • Size

    413KB

  • MD5

    a2b43ba6d6a6af9f0fa07cab1a1ffd64

  • SHA1

    0d63ee2545439dff61486e040fb8d921bee79ae3

  • SHA256

    9a67166c5a81302300022d5fcf029600356460fcf3ce82fa37db08b131a0459f

  • SHA512

    2a1105023880ae650ba67f2d657f3c0fe8c1a84c40a5a9ac5303f0c666226c454c40893f79073e816d14d873a3b583803934f9540a9ee7a604318affb1b427bb

  • SSDEEP

    6144:LBnmyK4O/ekC2y6gPWJ6OC4tp8k4Hg2Y5nkjtPPraKFMP4wzSl7dlP7O/9Dj:Q7e6gPPOCm8kSIsPWK2Ptzo7dpy

  Score

  10^/10

  formbook8rmtratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook payload

    rat

  • Executes dropped EXE

  • Suspicious use of SetThreadContext

  behavioral1