formbook

General

Target

7e31febe07e9ee30b6e6f04fbc58cd1a12c7f95c524ed29ba99e5613886f0369
Size

494KB
Sample

221130-welprseg2w
MD5

884e261ad3861b83f650deff6c1540a8
SHA1

e0d8597a0b35e2fe4c25d170491a82a6a648c94b
SHA256

7e31febe07e9ee30b6e6f04fbc58cd1a12c7f95c524ed29ba99e5613886f0369
SHA512

fab5bc89269683b2e490aabca6e2b8210c75f27878a2e240a5d71ea8c4e2771eb793857a08409e08fcc2cda831f9f3e947f3ec1ca2412ca0e7652913e5851cf9
SSDEEP

12288:iiz6hG4eAbcvGZbD8sBlGCen9p/MK7mKWMrvdFD9V:AZbDz6C8D6fMrFtH

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

2bg

Decoy

ohhowfluent.com

puppy-pets.com

coquetasybonitas.com

eberhard-pharma.com

dolphinsvs-patriots.com

htsyseq.com

curentcareri.com

syybjd.com

zlandscaping.net

jobsinkc.com

moonlightpcworks.com

greedysafely.com

quarryfinearts.com

gelaidexinli.com

mealsmojo.com

myeyecandybeauty.com

dropshippermillionaire.com

frogrout.life

wordpresschool.com

leggingstore.one

Targets

- Target
  
  7e31febe07e9ee30b6e6f04fbc58cd1a12c7f95c524ed29ba99e5613886f0369
- Size
  
  494KB
- MD5
  
  884e261ad3861b83f650deff6c1540a8
- SHA1
  
  e0d8597a0b35e2fe4c25d170491a82a6a648c94b
- SHA256
  
  7e31febe07e9ee30b6e6f04fbc58cd1a12c7f95c524ed29ba99e5613886f0369
- SHA512
  
  fab5bc89269683b2e490aabca6e2b8210c75f27878a2e240a5d71ea8c4e2771eb793857a08409e08fcc2cda831f9f3e947f3ec1ca2412ca0e7652913e5851cf9
- SSDEEP
  
  12288:iiz6hG4eAbcvGZbD8sBlGCen9p/MK7mKWMrvdFD9V:AZbDz6C8D6fMrFtH
Score

10^/10

formbook 2bg rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2