formbook

General

Target

37d6fe6c4a5668a8960683f776fcc4aa.exe
Size

1.3MB
Sample

211216-kkwldaccgn
MD5

37d6fe6c4a5668a8960683f776fcc4aa
SHA1

fb5ae3d64ca4051c4eaed570f362f80d96d9f7c2
SHA256

5cf30c00d7d4d16229204e0c969f26a1a0fa2f0067818d518a81d97123e277d9
SHA512

64f147fd4a4709901a0530293c2380c40b17d0fc1bc3ed6ca077b869d61462abb1f995cafd7489fea36e29475a9e2cf8ec53bc7a46327e25033761dd5b28676e

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

vngb

Decoy

omertalasvegas.com

payyep.com

modasportss.com

gestionestrategicadl.com

teamolemiss.club

geektranslate.com

versatileventure.com

athletic-hub.com

vitanovaretreats.com

padison8t.com

tutoeasy.com

ediblewholesale.com

kangrungao.com

satode.com

prohibitionfeeds.com

getmorevacations.com

blinkworldbeauty.com

kdlabsallr.com

almanasef.com

transportationservicellc.com

Targets

- Target
  
  37d6fe6c4a5668a8960683f776fcc4aa.exe
- Size
  
  1.3MB
- MD5
  
  37d6fe6c4a5668a8960683f776fcc4aa
- SHA1
  
  fb5ae3d64ca4051c4eaed570f362f80d96d9f7c2
- SHA256
  
  5cf30c00d7d4d16229204e0c969f26a1a0fa2f0067818d518a81d97123e277d9
- SHA512
  
  64f147fd4a4709901a0530293c2380c40b17d0fc1bc3ed6ca077b869d61462abb1f995cafd7489fea36e29475a9e2cf8ec53bc7a46327e25033761dd5b28676e
Score

10^/10

formbook vngb rat spyware stealer suricata trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2