formbook

General

Target

SecuriteInfo.com.W32.AIDetectNet.01.8038.13219
Size

46KB
Sample

220706-q5sywafdh7
MD5

8feba44e8cd040600d09043b3f00e035
SHA1

f924b4b27dc76cba38e68937e8aa8297b1656e0a
SHA256

359b9f18709357603b88a9597e7779bd36a116a4cccf73c682821ec40bfbeabd
SHA512

266d36e4d2d6936b95f20f83f76c095ae260c7f7577d5276cc827c869c392c3bb7d942cf65b5ac6525a4c70c609943e6ab57004e4f5f061307328a439697e2ff

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

d94e

Decoy

123456yudang.com

t-eros.com

genesis-urban.com

gartersnake.xyz

freshinews24.com

molasendo.com

365889.xyz

multiverso-digital.com

nahlabalmsales.com

cashyoga.space

momtipsblog.com

uktbc.xyz

hu6aecfzts33zz.life

luxuryholic.com

wtsgdy.com

bathroomrenovationscenter.club

mouradhw7.xyz

sehoonp.com

danplace.com

zc006.xyz

Targets

- Target
  
  SecuriteInfo.com.W32.AIDetectNet.01.8038.13219
- Size
  
  46KB
- MD5
  
  8feba44e8cd040600d09043b3f00e035
- SHA1
  
  f924b4b27dc76cba38e68937e8aa8297b1656e0a
- SHA256
  
  359b9f18709357603b88a9597e7779bd36a116a4cccf73c682821ec40bfbeabd
- SHA512
  
  266d36e4d2d6936b95f20f83f76c095ae260c7f7577d5276cc827c869c392c3bb7d942cf65b5ac6525a4c70c609943e6ab57004e4f5f061307328a439697e2ff
Score

10^/10

formbook d94e rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Downloads MZ/PE file
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Downloads MZ/PE file

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2