formbook

General

Target

5d11d75dc9ecba71d33f246f0f277ffec929402f96c132d186a398e6942ffb7e
Size

368KB
Sample

221130-pb88bshf84
MD5

561189349e7ef1918a4c27182a279ca6
SHA1

37165c0b5bd29f23664d55e0e4279f89ccde4275
SHA256

5d11d75dc9ecba71d33f246f0f277ffec929402f96c132d186a398e6942ffb7e
SHA512

96ec8f72b5b031b8724296f620ba3b2e64295da62ae4d56e2d00b84d01bbbe3f3488f51ecdf7ab297b347574783ca4fad1105a1ee5fb97136affa6358c746e55
SSDEEP

6144:dt39+IGUiggkeVXZtFz/icY6FBXmyskHrBggUBmefTm2+zNXsl37t:CgWVXZj/XBGyskdgpfT

Score

10^/10

formbook ch rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

ch

Decoy

dfjz88.com

realtorscreek.com

pl8v5z.info

thicdienthoai.com

areauruguay.com

shimizu-yado.com

apples5.com

hothip.net

jm-legal.online

bkinfo28.online

edificiosakura.net

biodesixlungreflex.com

segurosblanco.com

atsintech.solutions

steuerberaterfinden.com

ojjul.com

udcomputer.com

grovescashflow.com

inglot-jlo.com

docteursnuisible.com

Targets

- Target
  
  5d11d75dc9ecba71d33f246f0f277ffec929402f96c132d186a398e6942ffb7e
- Size
  
  368KB
- MD5
  
  561189349e7ef1918a4c27182a279ca6
- SHA1
  
  37165c0b5bd29f23664d55e0e4279f89ccde4275
- SHA256
  
  5d11d75dc9ecba71d33f246f0f277ffec929402f96c132d186a398e6942ffb7e
- SHA512
  
  96ec8f72b5b031b8724296f620ba3b2e64295da62ae4d56e2d00b84d01bbbe3f3488f51ecdf7ab297b347574783ca4fad1105a1ee5fb97136affa6358c746e55
- SSDEEP
  
  6144:dt39+IGUiggkeVXZtFz/icY6FBXmyskHrBggUBmefTm2+zNXsl37t:CgWVXZj/XBGyskdgpfT
Score

10^/10

formbook ch rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2