formbook

General

Target

075bd1e3e3e0c01794ee6a84be2c585a
Size

722KB
Sample

211125-x28ngsbfe4
MD5

075bd1e3e3e0c01794ee6a84be2c585a
SHA1

984a18333bcd137d00a2223a10b83946f0b3949d
SHA256

42173f59707de5929c3bc6cd37d5e0dc55d990bce2c29aa6deac6e86c3eec250
SHA512

d00a949f26740996d4da000abc5b5241d812d3c7d1a1d0a92863a11f825b79333f20b4105bb2eaad67472f1229e35bd6e056a27be5c4418d639d18aeed3fc676

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

9gr5

C2

http://www.cuteprofessionalscrubs.com/9gr5/

Decoy

newleafcosmetix.com

richermanscastle.com

ru-remonton.com

2diandongche.com

federaldados.design

jeffreycookweb.com

facecs.online

xmeclarn.xyz

olgasmith.xyz

sneakersonlinesale.com

playboyshiba.com

angelamiglioli.com

diitaldefynd.com

whenevergames.com

mtheartcustom.com

vitalactivesupply.com

twistblogr.com

xn--i8s140at3d6u7c.tel

baudelaireelhakim.com

real-estate-miami-searcher.site

Targets

- Target
  
  075bd1e3e3e0c01794ee6a84be2c585a
- Size
  
  722KB
- MD5
  
  075bd1e3e3e0c01794ee6a84be2c585a
- SHA1
  
  984a18333bcd137d00a2223a10b83946f0b3949d
- SHA256
  
  42173f59707de5929c3bc6cd37d5e0dc55d990bce2c29aa6deac6e86c3eec250
- SHA512
  
  d00a949f26740996d4da000abc5b5241d812d3c7d1a1d0a92863a11f825b79333f20b4105bb2eaad67472f1229e35bd6e056a27be5c4418d639d18aeed3fc676
Score

10^/10

formbook 9gr5 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2