Extracted

• • Target

    f222e73cdbde2f20630a304c806d040e5fad40943b9956060edfdc5331c7972f.bin

  • Size

    4KB

  • MD5

    5bfdac78f2d94be770c79b293566621e

  • SHA1

    2db46cebbf70e92dc37c898e93c4805b62e82c39

  • SHA256

    f222e73cdbde2f20630a304c806d040e5fad40943b9956060edfdc5331c7972f

  • SHA512

    fe8f1cf4b637311a7522272324c02c80184f6cc240c9e2fbf0a6bf0a80a967fdb3f4cbb5ecf67b2e4fa0de49f667072c800c482aad8cb38c3dcb2a6fc7935f27

  • SSDEEP

    96:8VeBJzLOxsJHS2HLGQvthddgR+VRA769XCWVUkga:JwsJHSotrqeXCmga

  Score

  10^/10

  formbookt6tgratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook payload

    rat

  • Blocklisted process makes network request

  • Downloads MZ/PE file

  • Executes dropped EXE

  • Loads dropped DLL

  • Suspicious use of SetThreadContext

  behavioral1behavioral2