Extracted

Extracted

• • Target

    INVOICE, & REMITTANCE INFORMATIO.exe

  • Size

    108KB

  • MD5

    61ce3c89c2578f45fccd23b556634adf

  • SHA1

    fb4c545865c343e4fa1c3e289c68a432c5cbf307

  • SHA256

    e6acd013f402294fb872251fc4ad72420d608afff59ba25d57efe2f812493096

  • SHA512

    e16f72251be777f6230ae0da589970f0e24d783bf3a9243bf553720359ea96aed60c06b40f7e68622991652b469dbf2dbfd21a7f77aac1753e7afbe229a6681c

  • SSDEEP

    3072:5Pyx4EtMJ+aoHibA4UbOB2P06J/RtfwXALweSaIKg/u3:5Ho8vUa2PjWXAsevg

  Score

  10^/10

  purecrypterdownloaderloaderformbookc1e9ratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • PureCrypter

    PureCrypter is a .NET malware loader first seen in early 2021.

    loaderdownloaderpurecrypter

  • Formbook payload

    rat

  • Suspicious use of SetThreadContext

  behavioral1behavioral2