Extracted

• • Target

    MalwareBazaar.21

  • Size

    651KB

  • MD5

    622fec48546a83b6c146074a7c6de40d

  • SHA1

    3cc90d360795455fa69b6bf12ccf36ae0e09106e

  • SHA256

    a96c7253cab161d289efdea709091608649deeb1423a4df65d1cd13ad28642ae

  • SHA512

    fe3048d55396bfea180146a37225cd42f8bcc21cf56cec063f02fb5a48b52bf9f316a072adb6733fc52488b21987d4f19b0262010cc1caa803343785892bed04

  • SSDEEP

    12288:3tJ6BgKTNRh02gF64s3leiYpIRsLI4L0i/xgQnrQstn8CMEaSLIMz+t:3tJofHgF83siW04L0i/xgKftn8CMEpLy

  Score

  10^/10

  formbookde94credential_accessdiscoveryratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Credentials from Password Stores: Credentials from Web Browsers

    Malicious Access or copy of Web Browser Credential store.

    credential_accessstealer

  • Formbook payload

    rat

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2