formbook

General

Target

ce1c55a5196da204d9f949b097e67060
Size

690KB
Sample

230601-ef8ggsch5x
MD5

ce1c55a5196da204d9f949b097e67060
SHA1

bee3d05da7b8913368f16f34306dbfbd1bf4fab7
SHA256

bca5d8c8e6b1abbf2f9ed462fda3dc22c4f3b37ef2bd6f2bd6772c00fe7dc1af
SHA512

0ce30e590cb2c5703c316e94792af9a5ea691caf132fbde1d9794564aeb2eb94c72e4c272139fbec632e062f9564ab40e3b74bcbe2b363c03db18f983f2f351e
SSDEEP

12288:V0hmzZBEP85JpsN74ypvfv3jVTGEbaZwqje4Arb++mZfFGB1v:D9BEP8jmN7tHPRT1beP1Ar23GB1v

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ca82

Decoy

idunresearch.com

loiioo1.site

aimobilify.com

limousineswebdesign.com

darshan-enterprises.online

javad.top

dd-spy.com

metamysme.co.uk

earticlesdirect.com

ldkj78v.vip

dariusevory.com

bestyoutubepromoter.com

dogcoinacademy.com

mestredosexo.net

mrnofree.africa

plan.rsvp

hoangnam.site

cadcamperform.com

091888.net

artwaylogistics.com

Targets

- Target
  
  ce1c55a5196da204d9f949b097e67060
- Size
  
  690KB
- MD5
  
  ce1c55a5196da204d9f949b097e67060
- SHA1
  
  bee3d05da7b8913368f16f34306dbfbd1bf4fab7
- SHA256
  
  bca5d8c8e6b1abbf2f9ed462fda3dc22c4f3b37ef2bd6f2bd6772c00fe7dc1af
- SHA512
  
  0ce30e590cb2c5703c316e94792af9a5ea691caf132fbde1d9794564aeb2eb94c72e4c272139fbec632e062f9564ab40e3b74bcbe2b363c03db18f983f2f351e
- SSDEEP
  
  12288:V0hmzZBEP85JpsN74ypvfv3jVTGEbaZwqje4Arb++mZfFGB1v:D9BEP8jmN7tHPRT1beP1Ar23GB1v
Score

10^/10

formbook ca82 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2