formbook

General

Target

1d7e50963731bfbf23c815df9bb1013718ad1a86e11b9f65b3e9c804c4398f56
Size

774KB
Sample

220521-nftsrsdfc7
MD5

9f83e1ff718e96c05214dc91360f7382
SHA1

f6c4ecb6022f284eaae4b8288f27cfaaf6faf05d
SHA256

1d7e50963731bfbf23c815df9bb1013718ad1a86e11b9f65b3e9c804c4398f56
SHA512

573ce2bf6639106dab284e721b3ec64a38609a41dc4e5fead468c47d6ddfefa74b57c0551049f37dc94f78d158f76cf99dc088e9b0ab7b64a97e54bcf027f3d8

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ppy

Decoy

107bifa.com

girlnamedgray.com

agnesagustina.com

dothedamndream.com

automovilesenmonterrey.com

areyouarealchamp.com

cristianosremodelacion.com

braincontrolinterphase.com

spieldoch-messe.com

cybererm.com

runwayspice.com

iapps.net

americasproducer.com

opigone.com

1northcoteavenuebalwyn.com

camgoing.com

rising-star-factory.com

kaiserundschmarrn.com

m5yo.info

aldosterone.biz

Targets

- Target
  
  1d7e50963731bfbf23c815df9bb1013718ad1a86e11b9f65b3e9c804c4398f56
- Size
  
  774KB
- MD5
  
  9f83e1ff718e96c05214dc91360f7382
- SHA1
  
  f6c4ecb6022f284eaae4b8288f27cfaaf6faf05d
- SHA256
  
  1d7e50963731bfbf23c815df9bb1013718ad1a86e11b9f65b3e9c804c4398f56
- SHA512
  
  573ce2bf6639106dab284e721b3ec64a38609a41dc4e5fead468c47d6ddfefa74b57c0551049f37dc94f78d158f76cf99dc088e9b0ab7b64a97e54bcf027f3d8
Score

10^/10

formbook ppy rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2