formbook

General

Target

fd4fde74267b1f08dc0588a66481f230.exe
Size

841KB
Sample

220126-s1kg2seehm
MD5

fd4fde74267b1f08dc0588a66481f230
SHA1

f029ca51857e6fe326e6a6a573afadf9bdfcee9f
SHA256

c6e101b1f3ef37505f4cae99303735cdbc09b0ef4f33f1d3f27742722e8276b4
SHA512

0e1b6335a3e69f7009e1445fe28c398e47fa94e6151a5c1d475bc488b41a2feafc940010bb91cab098cdf9b4a755c09f7ca9294cd406dae9c971d65eac5ba8a3

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

bt33

Decoy

mbaonlinefreedegress.info

myforevermaid.com

daoyi365.com

weientm.com

legal-mx.com

formationrigging.com

heidiet.xyz

school-prosto.store

healthvitaminnutrition.com

digitalsolutionusa.com

little-bazar.com

jnbeautycanada.com

optoelek.com

learntoairmail.com

hawkminer.com

kingofearth.love

ktnstay.xyz

zouxin.love

mainlandpr.com

mamm-hummel.com

Targets

- Target
  
  fd4fde74267b1f08dc0588a66481f230.exe
- Size
  
  841KB
- MD5
  
  fd4fde74267b1f08dc0588a66481f230
- SHA1
  
  f029ca51857e6fe326e6a6a573afadf9bdfcee9f
- SHA256
  
  c6e101b1f3ef37505f4cae99303735cdbc09b0ef4f33f1d3f27742722e8276b4
- SHA512
  
  0e1b6335a3e69f7009e1445fe28c398e47fa94e6151a5c1d475bc488b41a2feafc940010bb91cab098cdf9b4a755c09f7ca9294cd406dae9c971d65eac5ba8a3
Score

10^/10

formbook bt33 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2