Extracted

• • Target

    RFQ-56566666.exe

  • Size

    301KB

  • MD5

    5715ba8843db8b546c7b02c4779f0da5

  • SHA1

    f4829f717b13ccad4bb5522f6bec19b8a6542556

  • SHA256

    6932485133a755307c9a47908b52a34a7bbf5748564477b1e40ae4ef3d8b484c

  • SHA512

    568a99807055746769e9a7f2a1b6951aacb2a845b562600b25f69367ca0c216c4c7112931aabeaceb8bfea46bec4cdbf6ef4e1586c2301896d3476889f27cb58

  • SSDEEP

    6144:zqOiKE8RZK5rwXROf4GPR1L5+8hDiNf533mVk+s48L1A:NRZK5KOfb5Xben8Zs48L1A

  Score

  10^/10

  formbooku2s7discoveryratspywarestealertrojan

  • Formbook

    Formbook is a data stealing malware which is capable of stealing data.

    trojanspywarestealerformbook

  • Formbook family

    formbook

  • Formbook payload

    rat

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Suspicious use of SetThreadContext

  behavioral1behavioral2