Extracted

• • Target

    acb58cf1f819372ca5f461636f47ef790ec5d2748a5eaa3676104e46cdca1b19

  • Size

    480KB

  • MD5

    6d7ada8915023eb188f47444a77d169d

  • SHA1

    f87023a7c0de6b0ff4b0b2b799e58f41b938c332

  • SHA256

    acb58cf1f819372ca5f461636f47ef790ec5d2748a5eaa3676104e46cdca1b19

  • SHA512

    d37cf81df8f8dc64c5d5f0d68a2ad428b7d7d31658dd6980bc27db0d3dbc3ef44776012ea72feafc1c3348b0c9cd3599ce89168aa7edd992769dca26a98cc084

  • SSDEEP

    12288:TEqy7sSW7kNUhBiTL1wuG2YVkp455oaomdIbTbq:TE5wzAQUTO/2SkpWon

  Score

  10^/10

  formbookairatspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook payload

    rat

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2