formbook

General

Target

3afb7d99f94a14a215afb00a4cc6428179064599210e9702a945a47603fcd354
Size

560KB
Sample

221125-ma148ade5z
MD5

5c794c5c9dc31717919c416ad8ec9972
SHA1

f01cb1ddf551a481bedd398b819e9c0b15c34b2d
SHA256

3afb7d99f94a14a215afb00a4cc6428179064599210e9702a945a47603fcd354
SHA512

0a79dad3429166afecb2fdf20c2ee42890b659c5e9fad9e497e754e138fe9c8a2703d21112d5baee1143fc9edf2f05cb28fef51867bdf60afff8e9a5d432e833
SSDEEP

12288:9PrVddddddddddddddddddddEddddddddddddddddddddddSdddddddddddddddJ:9DVddddddddddddddddddddEdddddddF

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

gbl

Decoy

vegankait.com

onlinerebatemall.com

bigsbetter.com

rajnandinisilvers.com

cloudpolkadot.com

s2-fs.com

hellodenali.com

directlyincluded.press

micocinamisalud.com

animalsmd.com

juyoujun.com

ohmpatel.com

ajabdshown.com

financebookreview.com

smartlinkpay.com

kristawilliamson.com

mrliv.com

gokkasteninfo.com

adchrk1031.com

naigves.com

Targets

- Target
  
  3afb7d99f94a14a215afb00a4cc6428179064599210e9702a945a47603fcd354
- Size
  
  560KB
- MD5
  
  5c794c5c9dc31717919c416ad8ec9972
- SHA1
  
  f01cb1ddf551a481bedd398b819e9c0b15c34b2d
- SHA256
  
  3afb7d99f94a14a215afb00a4cc6428179064599210e9702a945a47603fcd354
- SHA512
  
  0a79dad3429166afecb2fdf20c2ee42890b659c5e9fad9e497e754e138fe9c8a2703d21112d5baee1143fc9edf2f05cb28fef51867bdf60afff8e9a5d432e833
- SSDEEP
  
  12288:9PrVddddddddddddddddddddEddddddddddddddddddddddSdddddddddddddddJ:9DVddddddddddddddddddddEdddddddF
Score

10^/10

formbook gbl rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2