formbook

General

Target

34dccb3834daf8ababcf35c58e995e322cd5edd5780bfc944ce1a46a07e2b2c8
Size

476KB
Sample

220619-yhjqpacha7
MD5

ea607d1b385e45422cc153a5f732e98a
SHA1

8dee62a8a8e22bfc9245ea2700146a78894f28f2
SHA256

34dccb3834daf8ababcf35c58e995e322cd5edd5780bfc944ce1a46a07e2b2c8
SHA512

12785f1957cab60b3e24ed0c4150d7ba1a4095410cd3697ea44ae0233284398a51787b0f6a53bdfb33d26fb5a116323a103082d19dcd263ba9b9bbee48133279

Score

10^/10

formbook sh rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

sh

Decoy

ziyafetkebaprize.com

minigirl69.com

emmashawbarry.com

resolving-an-issue.info

chefmorn.com

positivelypeach.com

industrial-plc.com

news3102.pictures

robinhunghau.com

cookarevegan.online

4hlf3uvgl6v.biz

eurekaposters.com

widenewtown.life

snprovidedengineering.com

elpcb.com

kabinet-megafon.info

roturapuentetermico.com

hao641.com

freshness.farm

casino1.info

Targets

- Target
  
  34dccb3834daf8ababcf35c58e995e322cd5edd5780bfc944ce1a46a07e2b2c8
- Size
  
  476KB
- MD5
  
  ea607d1b385e45422cc153a5f732e98a
- SHA1
  
  8dee62a8a8e22bfc9245ea2700146a78894f28f2
- SHA256
  
  34dccb3834daf8ababcf35c58e995e322cd5edd5780bfc944ce1a46a07e2b2c8
- SHA512
  
  12785f1957cab60b3e24ed0c4150d7ba1a4095410cd3697ea44ae0233284398a51787b0f6a53bdfb33d26fb5a116323a103082d19dcd263ba9b9bbee48133279
Score

10^/10

formbook sh rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2