Extracted

• • Target

    636597dd8c59135be43119197ee60db2268abaa5d8a60f4c0ac296acd9dc444f.exe

  • Size

    1.1MB

  • MD5

    6bbfded2baa5a18cc97d10516ee91c78

  • SHA1

    9e39944c9d057d134b119c677be07975704e546e

  • SHA256

    636597dd8c59135be43119197ee60db2268abaa5d8a60f4c0ac296acd9dc444f

  • SHA512

    4d952c2ed6a876bd639b2a9e4baa5eeadbf01f314bcd1a2c80da564c4594330a5b26dc351c528b5c0d574e7013b387349ce77a274257b0df902a48e707545605

  • SSDEEP

    24576:nqDEvCTbMWu7rQYlBQcBiT6rprG8a4dz681iuw:nTvC/MTQYxsWR7a4h6Eiu

  Score

  10^/10

  formbookjd21discoveryratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook payload

    rat

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2