formbook

General

Target

51577ad5c1831e5c27c6574a1f064e88.exe
Size

466KB
Sample

211103-y1j46scadq
MD5

51577ad5c1831e5c27c6574a1f064e88
SHA1

2edd85625f49abc18f0ba85b87e37fc2a2c16853
SHA256

221e9e3719749c7017ad2100a3d48e0ddb47824e02627fe859706fb591332849
SHA512

960e94dd50ef761f16b7ef1d476331e6e030b925e90f1c752d09637e157eeb24c82cd735ab2d0f037dc70f6076f404dfe70463268e3335574737e454111c375f

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mxwf

C2

http://www.zahnimplantatangebotede.com/mxwf/

Decoy

orders-cialis.info

auctionorbuy.com

meanmugsamore.com

yachtcrewmark.com

sacredkashilifestudio.net

themintyard.com

bragafoods.com

sierp.com

hausofdeme.com

anthonyjames915.com

bajardepesoencasa.com

marciaroyal.com

earringlifter.com

dsdjfhd9ddksa1as.info

bmzproekt.com

employmentbc.com

ptsdtreatment.space

vrchance.com

cnrongding.com

welovelit.com

Targets

- Target
  
  51577ad5c1831e5c27c6574a1f064e88.exe
- Size
  
  466KB
- MD5
  
  51577ad5c1831e5c27c6574a1f064e88
- SHA1
  
  2edd85625f49abc18f0ba85b87e37fc2a2c16853
- SHA256
  
  221e9e3719749c7017ad2100a3d48e0ddb47824e02627fe859706fb591332849
- SHA512
  
  960e94dd50ef761f16b7ef1d476331e6e030b925e90f1c752d09637e157eeb24c82cd735ab2d0f037dc70f6076f404dfe70463268e3335574737e454111c375f
Score

10^/10

formbook mxwf rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2