formbook

General

Target

dafce59283b215958f71191b6ec0fc7c.exe
Size

782KB
Sample

211117-s1ea2aabdj
MD5

dafce59283b215958f71191b6ec0fc7c
SHA1

24108f367a810e2f08e0417e34b02848b33ce46e
SHA256

754a9c7607d3b754e5adab5f2a54a78d7596d2f73096bf4d529012e705cb1230
SHA512

fa846951b3f35880e4ca06f8015cc8213a85780e5a372a9ec8f28580632b9ccd22724e42039f6600f938b7add9b11beb38c55ac2681d9337d353c8a866496730

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ob7y

C2

http://www.metanewsroom.net/ob7y/

Decoy

ipsdjf.com

mlphntec.com

restaurant-day.store

writeramylong.com

flokigamefi.com

usetianyi.xyz

punishstrikebreaker.quest

ericnfleming.com

dhhwtieen.xyz

milfhackers.com

fewefie.store

pithstsdiet.store

kirsten-hemmerich.com

casinolopoca.com

sigag.xyz

geilepoes.com

metawhatsapp.art

sarjin.xyz

toprabatte.net

lotofbrave.club

Targets

- Target
  
  dafce59283b215958f71191b6ec0fc7c.exe
- Size
  
  782KB
- MD5
  
  dafce59283b215958f71191b6ec0fc7c
- SHA1
  
  24108f367a810e2f08e0417e34b02848b33ce46e
- SHA256
  
  754a9c7607d3b754e5adab5f2a54a78d7596d2f73096bf4d529012e705cb1230
- SHA512
  
  fa846951b3f35880e4ca06f8015cc8213a85780e5a372a9ec8f28580632b9ccd22724e42039f6600f938b7add9b11beb38c55ac2681d9337d353c8a866496730
Score

10^/10

formbook ob7y rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2