formbook

General

Target

33253b2e996c5360cadc54620ad7c214a008d6b5bb597d83a3c994fe138c220a
Size

472KB
Sample

221130-p77pdafa4y
MD5

f01777e0fc78d84c7591ce7291268558
SHA1

6bd0e198891fe77d1e6e64848b0f4ef23424fea4
SHA256

33253b2e996c5360cadc54620ad7c214a008d6b5bb597d83a3c994fe138c220a
SHA512

2b24ecd4a789e145866933769bda69bd90256704f2b3953608289964c362f3efe930aaf6b63aec4227606f8ea9251dc9c0cc5ea70a1c1b2d5fe9a6ca2a503e94
SSDEEP

6144:Ww+2CheHFpoXtmJe2JUHr712T2zBZODeUEEfUWmtnN3:T+2ChelM2RJS3cT2CDNUjtnx

Score

10^/10

formbook sh rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

sh

Decoy

world-fireworks.com

fujiyama18.com

mottamail.com

shliangba.com

hatsuratsu-houmon.com

qdqmercados.net

wwwjsgw8.com

bcbsmedicarmarketplace.com

optio.deals

familiasorice.com

harveyfloodmitigation.com

gorelawfirmalpharetta.com

faraweb.net

biolang.net

otiebnight78.com

news3035.soccer

campbellswarehousellc.com

whyxbgjj.com

pixieanddixieadventures.com

xiongqq.com

Targets

- Target
  
  33253b2e996c5360cadc54620ad7c214a008d6b5bb597d83a3c994fe138c220a
- Size
  
  472KB
- MD5
  
  f01777e0fc78d84c7591ce7291268558
- SHA1
  
  6bd0e198891fe77d1e6e64848b0f4ef23424fea4
- SHA256
  
  33253b2e996c5360cadc54620ad7c214a008d6b5bb597d83a3c994fe138c220a
- SHA512
  
  2b24ecd4a789e145866933769bda69bd90256704f2b3953608289964c362f3efe930aaf6b63aec4227606f8ea9251dc9c0cc5ea70a1c1b2d5fe9a6ca2a503e94
- SSDEEP
  
  6144:Ww+2CheHFpoXtmJe2JUHr712T2zBZODeUEEfUWmtnN3:T+2ChelM2RJS3cT2CDNUjtnx
Score

10^/10

formbook sh rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2