formbook

General

Target

95e46bda24b5240f0ee2c70793709836c568d27da06b7393c7ed5cb4d5f4d888
Size

727KB
Sample

220414-hnljgaadf9
MD5

0d435fc2005ce7e69f850cc3e57712e3
SHA1

abf6796e578328c841042a14fe58300733fd0556
SHA256

95e46bda24b5240f0ee2c70793709836c568d27da06b7393c7ed5cb4d5f4d888
SHA512

598426ab19450153c68abbda02755849d9bfc741a3d370501c95fc9c913d626f9e118c5852045a331b1d4aeef20ba9d811b328a4e2a0bf84c1c414bb3b79f756

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

gae

Decoy

haolexin.com

mediatradeprofiles.com

336540.com

khive.team

itbossinc.com

appantoniojoin.com

fleetalfa.com

szwrites.com

developistanbul.com

harrybuyshomes4fastcash.com

homelandmarkets.com

911directpp.com

bipocamerica.com

imperialdesignonline.com

covid-19tablets.info

tutorquranonline.com

dataaisummit.com

learn-interviewskills.com

trijayatekniktama.com

bulbalabs.com

Targets

- Target
  
  95e46bda24b5240f0ee2c70793709836c568d27da06b7393c7ed5cb4d5f4d888
- Size
  
  727KB
- MD5
  
  0d435fc2005ce7e69f850cc3e57712e3
- SHA1
  
  abf6796e578328c841042a14fe58300733fd0556
- SHA256
  
  95e46bda24b5240f0ee2c70793709836c568d27da06b7393c7ed5cb4d5f4d888
- SHA512
  
  598426ab19450153c68abbda02755849d9bfc741a3d370501c95fc9c913d626f9e118c5852045a331b1d4aeef20ba9d811b328a4e2a0bf84c1c414bb3b79f756
Score

10^/10

formbook gae rat spyware stealer trojan metastealer
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Meta Stealer Stealer
  Meta Stealer steals passwords stored in browsers, written in C++.
  stealer metastealer
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Meta Stealer Stealer

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2