Extracted

• • Target

    MalwareBazaar.7

  • Size

    1.1MB

  • MD5

    fad2601b8d3ae921451df530f754a105

  • SHA1

    cd2e6daa5a20510ca430fd4ad0e7297f3658308e

  • SHA256

    29d57050ee10327642136e9e1a394ca996b42b95bae45d3dd44e392cec83c027

  • SHA512

    51176dd307286fc4a9b07cca80356a6c2b0f42a1fe947296a5f11f360ed54ea8299315223183e818da250a71f75a6134b6aafa4d3598310b896dbb9f8f8ac32d

  • SSDEEP

    24576:BqDEvCTbMWu7rQYlBQcBiT6rprG8aCHhItAQFbb2:BTvC/MTQYxsWR7aCH/Q9

  Score

  10^/10

  formbookdz16discoveryratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook payload

    rat

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2