Extracted

• • Target

    LEAK.EXE

  • Size

    262KB

  • MD5

    6b85dbb12585f5120e70e0cad7521654

  • SHA1

    93107e9c48785d4ff393478c32249a43d1b3c055

  • SHA256

    d4b23673edbc5a28526a91b7e10003c82449971f594a066941b2d8217fbf2ab3

  • SHA512

    a4c085779a17d9820b4f72a7ef5ba219cfe6e15a93c3599841ebb23c84908a0cbeab11f85f3d1846615d8869bf365ed45764ef1476c6a41f6d37d1e6392ad9fd

  • SSDEEP

    6144:PYa6jjX34cmYMHSBCQU8yEg4Quz02vXET3I3:PYxUPZV8BvQ4UTs

  Score

  10^/10

  formbookc02sratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook payload

    rat

  • Blocklisted process makes network request

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2