formbook

General

Target

cb82cfc46b8a9ba9970d0819ea1ed47a8fd9b9e71ebc171fe0ac68c5dab385a3
Size

696KB
Sample

220329-zaqdyaahd7
MD5

d98092d1508b874d1b4b3cfc2add7f61
SHA1

2e64a9dddb6b2f25600cae0ecb02d2d0d15a25e3
SHA256

cb82cfc46b8a9ba9970d0819ea1ed47a8fd9b9e71ebc171fe0ac68c5dab385a3
SHA512

42a9d7a2bf6f1f7405925bf96cf0e5edfffcab6ed22485be2fde56e1afa25a8a5fabf684155aca033131fd646adc316b0127d595dc3119819c8866e0df83237b

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ngs

Decoy

clickavisos.com

superbbeautysecrets.com

edxar.xyz

maximumpotentialfitness.net

exportsninports.com

ijwsm.com

kdawvam.icu

uere.website

pleasantviewgardennj.com

favorflavortexas.com

gilt.pro

nagahama63.com

fractalweed.com

acceptchaos.net

shopshop3.space

lunivers-de-flora.com

astrophiliabrand.com

thegloveexchange.com

bbrazesurgical.com

goswamipad.net

Targets

- Target
  
  cb82cfc46b8a9ba9970d0819ea1ed47a8fd9b9e71ebc171fe0ac68c5dab385a3
- Size
  
  696KB
- MD5
  
  d98092d1508b874d1b4b3cfc2add7f61
- SHA1
  
  2e64a9dddb6b2f25600cae0ecb02d2d0d15a25e3
- SHA256
  
  cb82cfc46b8a9ba9970d0819ea1ed47a8fd9b9e71ebc171fe0ac68c5dab385a3
- SHA512
  
  42a9d7a2bf6f1f7405925bf96cf0e5edfffcab6ed22485be2fde56e1afa25a8a5fabf684155aca033131fd646adc316b0127d595dc3119819c8866e0df83237b
Score

10^/10

formbook ngs rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2