formbook

General

Target

cb5cd9f8250eaf3861f8774f431032b4
Size

400KB
Sample

220209-mfzhksaaa3
MD5

cb5cd9f8250eaf3861f8774f431032b4
SHA1

1de8f273480f80f18d070f1f71aa722923759137
SHA256

7357d3e9a33b53dcaf335fecb11100acf0fbeeec2ebf668634de7cd1ba931ae1
SHA512

f7b4bc3996fee5fa1606a85f3d3cce6a1dbd6f14a133c81db0061b91528fc36c9856bd684b5d111ad387fff539720391fc2afd52c3b5803a7e192471a21e74cc

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

k2i4

Decoy

apehangersbikersgang.com

lhcgrou.com

diveidf.com

timtas.store

jadebody.club

iamjbrussell.com

fwfuv.icu

picchealth.net

batuair.com

z58609.com

punarecotech.com

a-oct.com

xn--wmq0c1qt9mcxhxjkp16a.top

district99.net

5dcoding.com

aripagripoff.biz

abtheagent.com

betterskincareco.com

jsskylight.com

deviseoffice.com

Targets

- Target
  
  cb5cd9f8250eaf3861f8774f431032b4
- Size
  
  400KB
- MD5
  
  cb5cd9f8250eaf3861f8774f431032b4
- SHA1
  
  1de8f273480f80f18d070f1f71aa722923759137
- SHA256
  
  7357d3e9a33b53dcaf335fecb11100acf0fbeeec2ebf668634de7cd1ba931ae1
- SHA512
  
  f7b4bc3996fee5fa1606a85f3d3cce6a1dbd6f14a133c81db0061b91528fc36c9856bd684b5d111ad387fff539720391fc2afd52c3b5803a7e192471a21e74cc
Score

10^/10

formbook k2i4 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2