formbook

General

Target

eb3e94888d5e945faf0b570acc1b2a4652f1b92940e8ac1cd62ff756d39aa1a0
Size

723KB
Sample

220201-defveagbe5
MD5

8af4cd350e0f17fe61a91a7c08c62d95
SHA1

dad9898577318aac0156514705a8d1ca6e389a0b
SHA256

eb3e94888d5e945faf0b570acc1b2a4652f1b92940e8ac1cd62ff756d39aa1a0
SHA512

67a3a4df05141e07f8b8110cd890d150447abb6b09880f647918f916dbdd6cbb9c3cd5d9521e458d547b8beced250f06150debafb03af1c37edf22043e248444

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

d003

Decoy

grupojcs.com

sdiezk.com

crazycravecosmetics.com

addison.site

gaziantepcicekal.com

globetrotterscourier.online

ppluav69.com

desanitarium.com

jiuxutang.net

rennaidangpu.com

wkc365.com

meanfarmer.net

yeosuchonnom.com

9876n.com

aesthetics-academy.com

chaoyumoju.com

tuscoordenadas.com

diveregalos.com

bombougeral.info

roxfranzhoerspringstzer.win

Targets

- Target
  
  eb3e94888d5e945faf0b570acc1b2a4652f1b92940e8ac1cd62ff756d39aa1a0
- Size
  
  723KB
- MD5
  
  8af4cd350e0f17fe61a91a7c08c62d95
- SHA1
  
  dad9898577318aac0156514705a8d1ca6e389a0b
- SHA256
  
  eb3e94888d5e945faf0b570acc1b2a4652f1b92940e8ac1cd62ff756d39aa1a0
- SHA512
  
  67a3a4df05141e07f8b8110cd890d150447abb6b09880f647918f916dbdd6cbb9c3cd5d9521e458d547b8beced250f06150debafb03af1c37edf22043e248444
Score

10^/10

formbook d003 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2