formbook

General

Target

9108b35ff3990b95827cb5c530c3b9e960ea215fb4488b33ad24af92e80c6b60
Size

456KB
Sample

230129-wwb7naaa7t
MD5

60be7286ec1b99627d280ecc8836d8bf
SHA1

54275d9e0644a64409c7ebf428fb896b8fc09cc1
SHA256

9108b35ff3990b95827cb5c530c3b9e960ea215fb4488b33ad24af92e80c6b60
SHA512

4e8639fd733c2a95f0c924f30737aaf7751e1464c9cd04624175daadaa4609cfbccfcde9ab566a679434498374fff413c21c3c461f989262d749af3b3887bd2e
SSDEEP

12288:oRg+au+xD+twE66E9b+2Bpme3r8ptnDBMdK+5rT:R39yipnmeb2DmdbT

Score

10^/10

formbook el rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.8

Campaign

el

Decoy

fundayinc.com

91shiping.red

piccgz.com

greylockiceandheating.com

6-15hothamstreetstkildaeast.com

bladspiegel.com

xn--ruq41buok09a6r0azmh.com

reallifeandlipstick.com

wwwjinsha594.com

wpnull.info

dtaubman.net

eldhw.win

caringhouseholds.com

texasisrael.com

confiservice.com

unihome.store

xn--doqs90b84tkjg.com

xuanweiping.com

edictiosapiens.com

kalkulatorkredytow.online

Targets

- Target
  
  9108b35ff3990b95827cb5c530c3b9e960ea215fb4488b33ad24af92e80c6b60
- Size
  
  456KB
- MD5
  
  60be7286ec1b99627d280ecc8836d8bf
- SHA1
  
  54275d9e0644a64409c7ebf428fb896b8fc09cc1
- SHA256
  
  9108b35ff3990b95827cb5c530c3b9e960ea215fb4488b33ad24af92e80c6b60
- SHA512
  
  4e8639fd733c2a95f0c924f30737aaf7751e1464c9cd04624175daadaa4609cfbccfcde9ab566a679434498374fff413c21c3c461f989262d749af3b3887bd2e
- SSDEEP
  
  12288:oRg+au+xD+twE66E9b+2Bpme3r8ptnDBMdK+5rT:R39yipnmeb2DmdbT
Score

10^/10

formbook el rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2