Extracted

• • Target

    Payment slip TT.exe

  • Size

    730KB

  • MD5

    5643e7a6dd9dcdb73826348ffc0e4a5c

  • SHA1

    d817b6131b61597c2fe9dcfc2aec0ce2341adeb4

  • SHA256

    794f51202f35431d4b1523aebd8f72ec72cdac3b53a297ae256010567d5aae84

  • SHA512

    d7bec53c63465a7ae5779e96af07f54290f15afee58d9b5fa284ae564976f2f27a4a202b9306fe8bc5255502bb97818e37178712eb58b58cde95cb4b3bad48d0

  • SSDEEP

    12288:fFgX2D0LK8uX3OAVDtWx8LaxyE5TWh2Lq/c+RK09X:9gmDAm55fAd5q2uU+RV

  Score

  10^/10

  formbookm25sdiscoveryratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook family

    formbook

  • Formbook payload

    rat

  • Deletes itself

  • Suspicious use of SetThreadContext

  behavioral1behavioral2