formbook | e61660e229f87b61562735d3d6f44326329b5d9e659198d02de592402984b7c7 | Triage

Sharing

General

Target

e61660e229f87b61562735d3d6f44326329b5d9e659198d02de592402984b7c7
Size

722KB
Sample

221107-x2x7radhd2
MD5

33d7ef98d681afdfb0cf7a6fb10bc414
SHA1

b10fe2ecb4031b32266ea16a94a1ba222222930e
SHA256

e61660e229f87b61562735d3d6f44326329b5d9e659198d02de592402984b7c7
SHA512

38c77a3c95ce46b9c9662e33cadd3476bab60be9559d786d034331963b66cdd95ac995445a9983a6aa4197505daa9e04efb2787765fd89e420e550d0d337558b
SSDEEP

12288:Ru5YDtn6Sou9k2x30mRe3Cqk6CHhZ8Wyes1Zo5D82FTtbyh:R4YDt6SP9pxdRe3QRhZ8ws7CvTtbyh

Score

10^/10

formbook ua69 rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ua69

Decoy

uslanmayizz.com

rrucrowd.com

nerexy.online

guolang-clan.com

meteleabogados.com

sh-gottipati.com

themesmiui.com

anananlan.com

roghanala.com

yekitiba.com

echoskinco.com

btlpour.xyz

shoyo-samaa.com

fuzzywumpus.net

malerzeit.com

xiam.online

brandibraunalissa.com

cryptominis.pro

we-living.com

dc-invest.online

Targets

- Target
  
  e61660e229f87b61562735d3d6f44326329b5d9e659198d02de592402984b7c7
- Size
  
  722KB
- MD5
  
  33d7ef98d681afdfb0cf7a6fb10bc414
- SHA1
  
  b10fe2ecb4031b32266ea16a94a1ba222222930e
- SHA256
  
  e61660e229f87b61562735d3d6f44326329b5d9e659198d02de592402984b7c7
- SHA512
  
  38c77a3c95ce46b9c9662e33cadd3476bab60be9559d786d034331963b66cdd95ac995445a9983a6aa4197505daa9e04efb2787765fd89e420e550d0d337558b
- SSDEEP
  
  12288:Ru5YDtn6Sou9k2x30mRe3Cqk6CHhZ8Wyes1Zo5D82FTtbyh:R4YDt6SP9pxdRe3QRhZ8ws7CvTtbyh
Score

10^/10

formbook ua69 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

formbookua69ratspywarestealertrojan