formbook

General

Target

c71f136a10c7c2f067f0a551a48f8ff6
Size

886KB
Sample

210706-e1cj1aqw4s
MD5

c71f136a10c7c2f067f0a551a48f8ff6
SHA1

a3bfac3f71eb6b1e1519d42ec8e01f4aff4d8d5a
SHA256

8a8cc0347be5e13c27bbb82822db989e8c47896d8e23944a8f5f419f4b6989ee
SHA512

11623a0118b5cb78ae77ec9c5f119e2c530614c295b297d27858b188846555918b8fdf4eec8a5fb04952ffa6af35bdc4c584c2805de9e991bf12fb3ca2db1d90

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

C2

http://www.share-event.info/wlns/

Decoy

travelagentngapali.com

cassandraclub.com

yuanhenghuanwei.com

rellimsewil.com

servingsunshine.com

guniverse.net

livingonresidual.net

fourmid.com

batesandmills.com

produtos-servicos.website

pokemonteambuilder.team

ticeye.com

latituderc.com

xn--ok0bv0wfrj.com

strinix.com

nycmama.com

sljy8888.com

lifeinsurancerd.com

osdbapi.com

xydwnzavp.asia

Targets

- Target
  
  c71f136a10c7c2f067f0a551a48f8ff6
- Size
  
  886KB
- MD5
  
  c71f136a10c7c2f067f0a551a48f8ff6
- SHA1
  
  a3bfac3f71eb6b1e1519d42ec8e01f4aff4d8d5a
- SHA256
  
  8a8cc0347be5e13c27bbb82822db989e8c47896d8e23944a8f5f419f4b6989ee
- SHA512
  
  11623a0118b5cb78ae77ec9c5f119e2c530614c295b297d27858b188846555918b8fdf4eec8a5fb04952ffa6af35bdc4c584c2805de9e991bf12fb3ca2db1d90
Score

10^/10

formbook rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2