formbook

General

Target

9a37b978e3b09412767c062b4ca7280e
Size

495KB
Sample

211122-l58l4sacb9
MD5

9a37b978e3b09412767c062b4ca7280e
SHA1

d4a092ebbb6e870edc1bf6d37a771f7469d7779b
SHA256

69169d89d7b806d4e42f45dc20447e2d8657cb7f5425b08fa35d6cdd1f303be4
SHA512

d4138a1e78a519492f7a3ca07a1327e8cfe7b6d165f0b5140b49375e410dde537381d750706333b52dc8de18c40a99e365eccee336743b3835ed52f3f16d6c26

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

9gr5

C2

http://www.cuteprofessionalscrubs.com/9gr5/

Decoy

newleafcosmetix.com

richermanscastle.com

ru-remonton.com

2diandongche.com

federaldados.design

jeffreycookweb.com

facecs.online

xmeclarn.xyz

olgasmith.xyz

sneakersonlinesale.com

playboyshiba.com

angelamiglioli.com

diitaldefynd.com

whenevergames.com

mtheartcustom.com

vitalactivesupply.com

twistblogr.com

xn--i8s140at3d6u7c.tel

baudelaireelhakim.com

real-estate-miami-searcher.site

Targets

- Target
  
  9a37b978e3b09412767c062b4ca7280e
- Size
  
  495KB
- MD5
  
  9a37b978e3b09412767c062b4ca7280e
- SHA1
  
  d4a092ebbb6e870edc1bf6d37a771f7469d7779b
- SHA256
  
  69169d89d7b806d4e42f45dc20447e2d8657cb7f5425b08fa35d6cdd1f303be4
- SHA512
  
  d4138a1e78a519492f7a3ca07a1327e8cfe7b6d165f0b5140b49375e410dde537381d750706333b52dc8de18c40a99e365eccee336743b3835ed52f3f16d6c26
Score

10^/10

formbook 9gr5 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2