formbook

General

Target

H4vBtZsi8xAKaMm.exe
Size

1.2MB
Sample

220128-rc975aeabm
MD5

7eabab04e4a6fdd45238e32ed81e222c
SHA1

e0e1dc469746f5e2e049ea4a93d9b09a9227b342
SHA256

b79d2d02fe777cfd64723ad9b3935b30c00cbc75614fcadbf867cce88df4a8fd
SHA512

eeaa0f02a15a66b3363f94730ad3cf7c533a4bf303cfa0f53b21959a54dc0f65c50b1ac179aa5f992e3e17bbfaaa1b7393da3d1859ddd51932d36bdf0b7fa21b

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

u1p5

Decoy

yannickrast.com

shitcoin.team

mysweetelissa.com

tpnfrgm2wrld.xyz

freeclothesonline.com

rhoads-music.com

tanglewoodrx.com

sharkeycustoms.com

bonin-island.com

apeutah.com

metacehennem.xyz

deutscheno1.com

e-gate-io.store

hometoto.xyz

jojomove.com

vzn2aai2qj.icu

couponcodes6.com

pbcgotv.com

metarealtyhome.com

geymall.com

Targets

- Target
  
  H4vBtZsi8xAKaMm.exe
- Size
  
  1.2MB
- MD5
  
  7eabab04e4a6fdd45238e32ed81e222c
- SHA1
  
  e0e1dc469746f5e2e049ea4a93d9b09a9227b342
- SHA256
  
  b79d2d02fe777cfd64723ad9b3935b30c00cbc75614fcadbf867cce88df4a8fd
- SHA512
  
  eeaa0f02a15a66b3363f94730ad3cf7c533a4bf303cfa0f53b21959a54dc0f65c50b1ac179aa5f992e3e17bbfaaa1b7393da3d1859ddd51932d36bdf0b7fa21b
Score

10^/10

formbook u1p5 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2