formbook

General

Target

af112badf65b6d025a07fa95da6e9f20
Size

1.2MB
Sample

211206-hysqjadean
MD5

af112badf65b6d025a07fa95da6e9f20
SHA1

a7465fdbeaa1a60129ac3320a815e9ebdc7ba3c5
SHA256

1cbfaa8a18eb1b6aca5e3e487fbf74b278473d8be3caf45242a67ff6a1f58856
SHA512

309139fde987cebc8049083d4dc73939d418d6643ce323d1014bfe5496d95f7c3a36916d83df1589236062567d86f47d0ba6e74fba1b13265d7cb4bbb8e47b4a

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

9gr5

C2

http://www.cuteprofessionalscrubs.com/9gr5/

Decoy

newleafcosmetix.com

richermanscastle.com

ru-remonton.com

2diandongche.com

federaldados.design

jeffreycookweb.com

facecs.online

xmeclarn.xyz

olgasmith.xyz

sneakersonlinesale.com

playboyshiba.com

angelamiglioli.com

diitaldefynd.com

whenevergames.com

mtheartcustom.com

vitalactivesupply.com

twistblogr.com

xn--i8s140at3d6u7c.tel

baudelaireelhakim.com

real-estate-miami-searcher.site

Targets

- Target
  
  af112badf65b6d025a07fa95da6e9f20
- Size
  
  1.2MB
- MD5
  
  af112badf65b6d025a07fa95da6e9f20
- SHA1
  
  a7465fdbeaa1a60129ac3320a815e9ebdc7ba3c5
- SHA256
  
  1cbfaa8a18eb1b6aca5e3e487fbf74b278473d8be3caf45242a67ff6a1f58856
- SHA512
  
  309139fde987cebc8049083d4dc73939d418d6643ce323d1014bfe5496d95f7c3a36916d83df1589236062567d86f47d0ba6e74fba1b13265d7cb4bbb8e47b4a
Score

10^/10

formbook 9gr5 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2