formbook

General

Target

1fa440f5e55258c7787165a37d50587cef16558e9734f44b3fb8a194ab38e7d5
Size

939KB
Sample

221012-tdyxlaacgj
MD5

b2ef30fb8a6e2116cf13adbd70218768
SHA1

66903823fc9f8f6acc93e60e18722520483a8074
SHA256

1fa440f5e55258c7787165a37d50587cef16558e9734f44b3fb8a194ab38e7d5
SHA512

8bc5fc4a1c868b10418873062646d0d091f95a26324981d4e702ace4dad2274c6a110fdae7e126c6007c30afc1e6ab4cc873d0dfc0b0a9dfff80e0eb8918e33d
SSDEEP

12288:0fEWcBeEn21z+7fM34NMjlbxpanIYVvxUTZu1UFDqB5Gbgnda9LY2uw:AEvBhn2d1huIYfTsDy5GbgndS

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

jr16

Decoy

chinmayresort.com

beemine.site

jokihoki.net

spectrum-art.com

lchaxmm.top

garenobizzo.xyz

821riverknoll.com

bluelevelmusic.com

livingroomhotels.com

hilmiozsoysigorta.com

xsgdd.com

rozvezuto.online

inter-ac.online

discotecheitalia.com

judder.xyz

arlington425.site

cn-sk.com

axelarigatomanila.com

qqwe89.site

accography.com

Targets

- Target
  
  1fa440f5e55258c7787165a37d50587cef16558e9734f44b3fb8a194ab38e7d5
- Size
  
  939KB
- MD5
  
  b2ef30fb8a6e2116cf13adbd70218768
- SHA1
  
  66903823fc9f8f6acc93e60e18722520483a8074
- SHA256
  
  1fa440f5e55258c7787165a37d50587cef16558e9734f44b3fb8a194ab38e7d5
- SHA512
  
  8bc5fc4a1c868b10418873062646d0d091f95a26324981d4e702ace4dad2274c6a110fdae7e126c6007c30afc1e6ab4cc873d0dfc0b0a9dfff80e0eb8918e33d
- SSDEEP
  
  12288:0fEWcBeEn21z+7fM34NMjlbxpanIYVvxUTZu1UFDqB5Gbgnda9LY2uw:AEvBhn2d1huIYfTsDy5GbgndS
Score

10^/10

formbook jr16 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2