formbook

General

Target

dd76e3a7854555bf0a76aff66d6e75e8.exe
Size

476KB
Sample

211221-kq1saadefr
MD5

dd76e3a7854555bf0a76aff66d6e75e8
SHA1

48fe64eeb38728c58443ace7df337f8905823437
SHA256

59193ea2bc603f875f795f48d8c2711ad6e4321853e881691f180192e6f29f77
SHA512

6d2fbe0b4efa6606c3321d5a5c119a02d04479852165307315eaf6ffeeaf390b6413a833754d4a73895a996e600ab4dd0dae85adcc237ce399cc3aa6720cd6d1

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

a83r

Decoy

comercializadoralonso.com

durhamschoolservces.com

onegreencapital.com

smartcities24.com

maquinas.store

brianlovesbonsai.com

xin41518s.com

moneyearnus.xyz

be-mix.com

fengyat.club

inspectdecided.xyz

paksafpakistan.com

orhidlnt.top

princesuraj.com

vietnamvodka.com

renewnow.site

imageservices.xyz

luxurytravelfranchise.com

kp112.red

royalyorkfirewood.com

Targets

- Target
  
  dd76e3a7854555bf0a76aff66d6e75e8.exe
- Size
  
  476KB
- MD5
  
  dd76e3a7854555bf0a76aff66d6e75e8
- SHA1
  
  48fe64eeb38728c58443ace7df337f8905823437
- SHA256
  
  59193ea2bc603f875f795f48d8c2711ad6e4321853e881691f180192e6f29f77
- SHA512
  
  6d2fbe0b4efa6606c3321d5a5c119a02d04479852165307315eaf6ffeeaf390b6413a833754d4a73895a996e600ab4dd0dae85adcc237ce399cc3aa6720cd6d1
Score

10^/10

formbook a83r rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2