formbook

General

Target

f6c8a8e5346a698e0733248a0ec6e323
Size

320KB
Sample

220806-hwhsjsecg6
MD5

f6c8a8e5346a698e0733248a0ec6e323
SHA1

6e0be3bcd53afae69635fdecb1b7f350f9306563
SHA256

fc6dd1debc45ce8b420b281bda6fdf1bc103e4c977009a954924ca50d95bd7ba
SHA512

076578e7d60d26215fb7f43b58873abda5ee83bf31d8969b0a0ca9a8bdf91774487ece9d6ffb6a32c57154269d84f9ac2c3926bc76e944b87c59fc9f2d5dfd84

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

eni9

Decoy

serenatutino.com

oshuncleaningservices.com

themodernring.com

elhoodurbano.com

borntobeabrand.com

wingene168.com

raising.cloud

kumen.store

azdistribution.store

myrecordingapp.com

minshu.info

zhongxiangxinge.com

linentemptation.com

corealestatevideo.com

carpection.com

mompreneur.services

ent34.com

udicoin.net

trulyclassical.com

paraalemdatela.com

Targets

- Target
  
  f6c8a8e5346a698e0733248a0ec6e323
- Size
  
  320KB
- MD5
  
  f6c8a8e5346a698e0733248a0ec6e323
- SHA1
  
  6e0be3bcd53afae69635fdecb1b7f350f9306563
- SHA256
  
  fc6dd1debc45ce8b420b281bda6fdf1bc103e4c977009a954924ca50d95bd7ba
- SHA512
  
  076578e7d60d26215fb7f43b58873abda5ee83bf31d8969b0a0ca9a8bdf91774487ece9d6ffb6a32c57154269d84f9ac2c3926bc76e944b87c59fc9f2d5dfd84
Score

10^/10

formbook eni9 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2