formbook

General

Target

266b94576fc5f21b1958e202c1e6296f95b247e0c02cb4683b8e164ec84d9a11
Size

660KB
Sample

220616-kewzysded4
MD5

98d1100c39a023253cd46122e0a8820e
SHA1

317b29e44ebbb9659203c1ed96ab1d73d6b540dd
SHA256

266b94576fc5f21b1958e202c1e6296f95b247e0c02cb4683b8e164ec84d9a11
SHA512

777335c56e065d1810251db4cdcda1e1ee6ec13cd0e47f89203a80e3d6497938a14f560c2b23f24dfd2c76c5509c863f03be6a6df102455aaa24f91bd7d47020

Score

10^/10

formbook ho rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

ho

Decoy

3dprintedphotography.com

surgeinor.com

goletavalleytechcenter.com

fort41.net

mudita.studio

pesticides-suppliers.com

al98ce.biz

berybest.com

siedumat.com

tomengrain.net

sunnyskiesvaca.info

centrocomercialatlantida.com

umeof.info

sequoiasurfacing.com

lacodeouro.com

somotorbike.com

chancetobloew.com

mcrikos.com

qizhangke.com

sugarnotchsawmill.com

Targets

- Target
  
  266b94576fc5f21b1958e202c1e6296f95b247e0c02cb4683b8e164ec84d9a11
- Size
  
  660KB
- MD5
  
  98d1100c39a023253cd46122e0a8820e
- SHA1
  
  317b29e44ebbb9659203c1ed96ab1d73d6b540dd
- SHA256
  
  266b94576fc5f21b1958e202c1e6296f95b247e0c02cb4683b8e164ec84d9a11
- SHA512
  
  777335c56e065d1810251db4cdcda1e1ee6ec13cd0e47f89203a80e3d6497938a14f560c2b23f24dfd2c76c5509c863f03be6a6df102455aaa24f91bd7d47020
Score

10^/10

formbook ho rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2