formbook

General

Target

SecuriteInfo.com.Trojan.GenericKD.46909731.11442.27319.exe
Size

936KB
Sample

230419-ntewrsca6x
MD5

e9818bdb92bb29bc70855a3060436332
SHA1

d7c511eeca61f564fcfbbac30853b433469d37b7
SHA256

ba13a69fc8a1e72eef1f7147733779653cef8420f2492b4e1c4d73546d654b76
SHA512

d2ec3881dc607ed4e96bc1070288a979d359cde22efb050d33b62cb3257bfa961640cb35b5a2016e896f248d7acb0ccfb359707e30b81330bc63c44cbe6c5a64
SSDEEP

12288:beJcp2l+38aYZDW5dAQAMg9+Iyok7dDwKDxSKD/cEJywyHcoF9oai:becU4

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

m8nt

Decoy

australianews24.com

ashleyoldham.com

lqxy888.com

giftbasketsplaza.com

3369a.com

cursodeendometriosis.com

whatisayahuasca.net

sskibele.com

bairdtelevision.world

flashmountainflood.com

aprylmarie.online

ox7979.com

richardleniek.com

joinvoyager.club

nebysw.com

bulebush.net

metalroofing.store

landbbookkeeping.com

socialrejectssyndicate.com

opulantsolutions.com

Targets

- Target
  
  SecuriteInfo.com.Trojan.GenericKD.46909731.11442.27319.exe
- Size
  
  936KB
- MD5
  
  e9818bdb92bb29bc70855a3060436332
- SHA1
  
  d7c511eeca61f564fcfbbac30853b433469d37b7
- SHA256
  
  ba13a69fc8a1e72eef1f7147733779653cef8420f2492b4e1c4d73546d654b76
- SHA512
  
  d2ec3881dc607ed4e96bc1070288a979d359cde22efb050d33b62cb3257bfa961640cb35b5a2016e896f248d7acb0ccfb359707e30b81330bc63c44cbe6c5a64
- SSDEEP
  
  12288:beJcp2l+38aYZDW5dAQAMg9+Iyok7dDwKDxSKD/cEJywyHcoF9oai:becU4
Score

10^/10

formbook m8nt rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2