formbook

General

Target

46cb216976e96c5177b934976db5f078
Size

453KB
Sample

211104-xel6zaedfr
MD5

46cb216976e96c5177b934976db5f078
SHA1

47181a95c8d31bf92c6a6008028cea4c9a81587c
SHA256

27b73d13a548e7501e9e2de62382122adacf550f464c1139994cabf7265b8ee4
SHA512

57e6f2f2940ce1b059f087b0e0e791e5d206718d6f785d44deadbb0bebfc39ad13925be9fe52972eb44ff5c5944459cbeae89c86f24d847db94d885eadc880ab

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

vngb

C2

http://www.gvlc0.club/vngb/

Decoy

omertalasvegas.com

payyep.com

modasportss.com

gestionestrategicadl.com

teamolemiss.club

geektranslate.com

versatileventure.com

athletic-hub.com

vitanovaretreats.com

padison8t.com

tutoeasy.com

ediblewholesale.com

kangrungao.com

satode.com

prohibitionfeeds.com

getmorevacations.com

blinkworldbeauty.com

kdlabsallr.com

almanasef.com

transportationservicellc.com

Targets

- Target
  
  46cb216976e96c5177b934976db5f078
- Size
  
  453KB
- MD5
  
  46cb216976e96c5177b934976db5f078
- SHA1
  
  47181a95c8d31bf92c6a6008028cea4c9a81587c
- SHA256
  
  27b73d13a548e7501e9e2de62382122adacf550f464c1139994cabf7265b8ee4
- SHA512
  
  57e6f2f2940ce1b059f087b0e0e791e5d206718d6f785d44deadbb0bebfc39ad13925be9fe52972eb44ff5c5944459cbeae89c86f24d847db94d885eadc880ab
Score

10^/10

formbook vngb rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2