formbook

General

Target

318c866ef078ec6d9597aaebed8bc370
Size

799KB
Sample

210706-9mrms7lh1e
MD5

318c866ef078ec6d9597aaebed8bc370
SHA1

4d0008cb7d64f6fb5378672bc4a2edba43546e1f
SHA256

54469ace58ddcfdd6d834574d87003857b0cda05e27a0b8e31cb0b58e6ca105d
SHA512

cd32fd72eda19e8a2210a3b646b21cbee5b722672773a49c0e4dc02fdaad9c9fb99a60326eb1a9589e4b02b3e30eb85e2c5a3b5cfd767155f72fa123f9e68985

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

C2

http://www.survivai.com/bsdd/

Decoy

533dh.com

galerisikayet.xyz

tipsyalligator.com

crystalwellnessstudio.com

moovaap.com

lelfie.network

speedy-trips.com

prospectsolucoes.com

24x7customersservice.com

szbinsen.com

shikhardeals.com

totaldenta.com

ayksjx.com

avxrja.online

24kyule888.com

ufaw.net

spinozone.com

castvoicesmsreg.com

lajollawoodworks.com

renetyson.com

Targets

- Target
  
  318c866ef078ec6d9597aaebed8bc370
- Size
  
  799KB
- MD5
  
  318c866ef078ec6d9597aaebed8bc370
- SHA1
  
  4d0008cb7d64f6fb5378672bc4a2edba43546e1f
- SHA256
  
  54469ace58ddcfdd6d834574d87003857b0cda05e27a0b8e31cb0b58e6ca105d
- SHA512
  
  cd32fd72eda19e8a2210a3b646b21cbee5b722672773a49c0e4dc02fdaad9c9fb99a60326eb1a9589e4b02b3e30eb85e2c5a3b5cfd767155f72fa123f9e68985
Score

10^/10

formbook rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2