formbook

General

Target

5.ppt
Size

98KB
Sample

211022-n1sq7sbeg5
MD5

5eaa84b0c240d03b69d5a12e16319313
SHA1

c7d17ca1cca02ec03394c79551be5fcdaaf3af25
SHA256

26087c7091a3f3b9498859836bc82b495d685f3a2b63a5eabb0822ee41f35d61
SHA512

b5eccd9618f1f81aad222cef183e095915b6fbda421a6ab91a8be816644716b4537798afe5567857979a45b6ee46c0c3e71fba1888760f0e6e978e18209ee415

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

rf3t

C2

http://www.logjed063.xyz/rf3t/

Decoy

palmettohomeswakulla.com

sorelleapparel.com

abouttohour.com

ogrownhemp.com

themontagnard.com

zarioch.space

lty712.info

ajdstone.com

600plusgymspa.com

schmitzland.com

luhuigw.com

mysafeplacetoinsure.com

barkpark.club

investigation-science.com

sermonartnotes.net

gorgeousflippinllc.com

smarttrendshop.com

markusjungfoto.com

glyzaelbol.info

thewiseowl.art

Targets

- Target
  
  P. Order & Contract (A-4553).exe
- Size
  
  119KB
- MD5
  
  47a193c4053f1e61c651957ad62f2c17
- SHA1
  
  ac3ec7cc4adaf522f71c5525e766880ff49f8ae7
- SHA256
  
  17d8c85afcc4c938a591751f2a636dd38609b8eacb54cf9df967e0e64386d031
- SHA512
  
  0e7e8cae941c222320a1e31bc2f82e5d3bdc4dc1083d4d0f096806e4bee60c51f6ed349f45f26c0dd6d58894f96cf91018ab482475a15a7ed38554d49bd621aa
Score

10^/10

formbook rf3t rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2