formbook

General

Target

6ec0c1af929d468390638567352ac6ca1d56b3732ff159ccd043ffbd9d57721a.exe
Size

780KB
Sample

221011-jhjy5acfgq
MD5

a93f5a2c6e1278d1b8b93e8e9b950f26
SHA1

5c3a7b41d017bcabf9d441d81c6c46a05b76d0f6
SHA256

6ec0c1af929d468390638567352ac6ca1d56b3732ff159ccd043ffbd9d57721a
SHA512

af0177762430bef805da4a751748607b3a637d852230692665ac455b12ac9c362912434221cc68d09e4b2a80b1b04eb5187285f9cda64354749b60ec600ca5ff
SSDEEP

12288:WAv2iN9IcvSoun3A1fLsumo2Hv3hqWxGAT8dTTip5Q+:f1rAn3A1DsucjGJ9+

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

o5df

Decoy

glassesfx.com

yunboer.com

countryvillagerx.com

ravensclawcollectibles.net

ambiencebodytherapies.com

cbcgroup.solutions

east2westcoasters.xyz

vegasggcuan.com

sistempakarsapi.site

assoroc-chinon.com

thegauntletchallenge.com

johnandsophie.com

followeona.xyz

bulgurmachines.online

pippaandi.com

warax.online

trygamesandearnrewards.com

newssergipe.com

savingsellersthousands.com

sniibe.com

Targets

- Target
  
  6ec0c1af929d468390638567352ac6ca1d56b3732ff159ccd043ffbd9d57721a.exe
- Size
  
  780KB
- MD5
  
  a93f5a2c6e1278d1b8b93e8e9b950f26
- SHA1
  
  5c3a7b41d017bcabf9d441d81c6c46a05b76d0f6
- SHA256
  
  6ec0c1af929d468390638567352ac6ca1d56b3732ff159ccd043ffbd9d57721a
- SHA512
  
  af0177762430bef805da4a751748607b3a637d852230692665ac455b12ac9c362912434221cc68d09e4b2a80b1b04eb5187285f9cda64354749b60ec600ca5ff
- SSDEEP
  
  12288:WAv2iN9IcvSoun3A1fLsumo2Hv3hqWxGAT8dTTip5Q+:f1rAn3A1DsucjGJ9+
Score

10^/10

formbook o5df rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2