formbook

General

Target

a358e0ac42cc7258d72ea98605bd22a1bbdc15e0f9421849956fcb7b08da34fa
Size

374KB
Sample

220521-nc6cdsdeb3
MD5

8e5698ccce5ff452c06b15dbf25479c4
SHA1

4ea38455f62ddb0d5931ffd83cdbca16c901f528
SHA256

a358e0ac42cc7258d72ea98605bd22a1bbdc15e0f9421849956fcb7b08da34fa
SHA512

8d86c594cc442b547b21bd780be19321d2d82bd8a404b0cc1e3a8c3f0029c3cf7414b9e0947ee598e8bd423d8b53814d67c1b29fa57602139cc320f22bcfca36

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

m5gz

Decoy

provtanks.com

partybuskingz.com

viewtechborescopes.com

larepco.info

lacuartetera.net

rpueuetd.com

maximalneoptimalne.com

gravitywavegame.com

kencoxvaspecialist.com

mein-markisenland-ev.com

cannachocolata.com

themeatsheet.com

emarketschool.com

fastinternet.systems

fxqlf.com

pixanliber.com

omgree.com

delraybees.com

hbamicrosupport.com

ginlj.info

Targets

- Target
  
  REQUERIDA.exe
- Size
  
  500KB
- MD5
  
  e07d5b6d29e7cae1ea8546b4783601b8
- SHA1
  
  d5c823bdee28ccf2bd18e683eca270d6c031cb72
- SHA256
  
  3ec51daa2ad133cfcdce1ffca7081f96ee58d9b5c2d302cee732e6e2cc3d8cc6
- SHA512
  
  adf6f6b1a142d17df561d7181c6d4a1e3d6b8663fdfde5f2ae72459cadd63f7daf72a6d6d5233071a2af9a7be7f2f7a10d05aabe20db258826bcf2b401e5124c
Score

10^/10

formbook m5gz rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2