formbook

General

Target

3811dd96b6bbae4548337336368461eb.exe
Size

611KB
Sample

210928-h1m8tsbadp
MD5

3811dd96b6bbae4548337336368461eb
SHA1

218fbe2c10e0bfaf100695523bcc5ca24bf26ded
SHA256

3b012c89bb2f6a513be0335d94b0b7f8517edeb70ba37b559a94b0993df4ad80
SHA512

0cae7c27cf6bcf49aaef4dc218118b5cdeadf025504b16e006bf3b66978c150cbea816f535a9f96ade928de7d057cc99554c73ccd95f577fb43368826decbd1c

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mxwf

C2

http://www.zahnimplantatangebotede.com/mxwf/

Decoy

orders-cialis.info

auctionorbuy.com

meanmugsamore.com

yachtcrewmark.com

sacredkashilifestudio.net

themintyard.com

bragafoods.com

sierp.com

hausofdeme.com

anthonyjames915.com

bajardepesoencasa.com

marciaroyal.com

earringlifter.com

dsdjfhd9ddksa1as.info

bmzproekt.com

employmentbc.com

ptsdtreatment.space

vrchance.com

cnrongding.com

welovelit.com

Targets

- Target
  
  3811dd96b6bbae4548337336368461eb.exe
- Size
  
  611KB
- MD5
  
  3811dd96b6bbae4548337336368461eb
- SHA1
  
  218fbe2c10e0bfaf100695523bcc5ca24bf26ded
- SHA256
  
  3b012c89bb2f6a513be0335d94b0b7f8517edeb70ba37b559a94b0993df4ad80
- SHA512
  
  0cae7c27cf6bcf49aaef4dc218118b5cdeadf025504b16e006bf3b66978c150cbea816f535a9f96ade928de7d057cc99554c73ccd95f577fb43368826decbd1c
Score

10^/10

formbook mxwf rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2