Extracted

• • Target

    Payment_Advice pdf.exe

  • Size

    1.2MB

  • MD5

    6cf9d0cd325beeb461dbe39c74483686

  • SHA1

    71792078df265b5aef884d7f3710a24d11088262

  • SHA256

    cea476506bdbb5781b4fc674b15a0d15c1be4e7459a0b0bdd7132e1d406a226e

  • SHA512

    4ec448183d6c49c82e4086b8a1a3a7d0118ee10e420615cf58a3eaa5097a15c5903d3614616634cc692172a75f6982448263b159e252a84a2a4e426cc2e72f8e

  • SSDEEP

    24576:PCdxte/80jYLT3U1jfsWa32BvSTGU7hHtQ:Ow80cTsjkWa3e69c

  Score

  10^/10

  formbookk94gdiscoveryratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook payload

    rat

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • AutoIT Executable

    AutoIT scripts compiled to PE executables.

  • Suspicious use of SetThreadContext

  behavioral1behavioral2