formbook

General

Target

66b2b5112b9aa05cd1c1d65b09499aecd3798e90af4cb2bfc7844372b4ba6f37
Size

711KB
Sample

220128-18jvgsfadq
MD5

28996f9f1e4b645eed15f6bc8b51d937
SHA1

190bec54bcc632a8d676ff9df2b4bcec455c25fc
SHA256

66b2b5112b9aa05cd1c1d65b09499aecd3798e90af4cb2bfc7844372b4ba6f37
SHA512

63a43eb9e28a869d0af32b745e61f39b429179af988592f98dec6e2175a013a442b4e1f1b21fa5ef378f92e9849c62c4dc7e21f169b745000f2bdc603abe1599

Score

10^/10

formbook ge rat spyware stealer trojan upx

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

ge

Decoy

basakpentamir.com

pilgrimbaits-premium.com

ab5pp.com

fjtts.com

stpelectronics.com

foraol.com

protagonista.info

nigeriasno1datingsite.com

dignity.live

bodyworldholdings.com

01lover.com

wwwjinsha045.com

serverlan.info

themachinevspeople.info

bergencountyautosales.com

hillsidemanor.house

sergiypavlyukphoto.com

abetterforupgrades.date

lokireddygroup.com

il-hotels-review.com

Targets

- Target
  
  66b2b5112b9aa05cd1c1d65b09499aecd3798e90af4cb2bfc7844372b4ba6f37
- Size
  
  711KB
- MD5
  
  28996f9f1e4b645eed15f6bc8b51d937
- SHA1
  
  190bec54bcc632a8d676ff9df2b4bcec455c25fc
- SHA256
  
  66b2b5112b9aa05cd1c1d65b09499aecd3798e90af4cb2bfc7844372b4ba6f37
- SHA512
  
  63a43eb9e28a869d0af32b745e61f39b429179af988592f98dec6e2175a013a442b4e1f1b21fa5ef378f92e9849c62c4dc7e21f169b745000f2bdc603abe1599
Score

10^/10

formbook ge rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2