formbook

General

Target

d2f580c133802c6a3d4117117d5c16cc.exe
Size

590KB
Sample

230713-fp9atagd3z
MD5

d2f580c133802c6a3d4117117d5c16cc
SHA1

eb014e24331bd1df38875d5c722e0db16dc8d5db
SHA256

cfd843a4218fd91e46bf20068627e94bcc20cf68ec6a84ad4811d39b8c6c7ccd
SHA512

4d8caad78cf422dc6c29db278c16076a7a8697e5f60c238cccc1ac7e5dbea6bf444b70baf227c3596ba7f7de89d2368d42ce1991dc9071b686affe0833f7c48c
SSDEEP

12288:PPwJpDRWJ373SENQZ6DRRu1Lc6jRhjszcNrI5GPcn:Xw03bSWQEDDvGjBi5i

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

4hc5

Decoy

amandaastburyillustration.com

7141999.com

showshoe.info

sagemarlin.com

lithuaniandreamtime.com

therenixgroupllc.com

avalialooks.shop

vurporn.com

lemmy.systems

2816goldfinch.com

pacersun.com

checktrace.com

loadtransfer.site

matsuri-jujutsukaisen.com

iontrapper.science

5108010.com

beidixi.com

21305599.com

peakvitality.fitness

osisfeelingfee.com

Targets

- Target
  
  d2f580c133802c6a3d4117117d5c16cc.exe
- Size
  
  590KB
- MD5
  
  d2f580c133802c6a3d4117117d5c16cc
- SHA1
  
  eb014e24331bd1df38875d5c722e0db16dc8d5db
- SHA256
  
  cfd843a4218fd91e46bf20068627e94bcc20cf68ec6a84ad4811d39b8c6c7ccd
- SHA512
  
  4d8caad78cf422dc6c29db278c16076a7a8697e5f60c238cccc1ac7e5dbea6bf444b70baf227c3596ba7f7de89d2368d42ce1991dc9071b686affe0833f7c48c
- SSDEEP
  
  12288:PPwJpDRWJ373SENQZ6DRRu1Lc6jRhjszcNrI5GPcn:Xw03bSWQEDDvGjBi5i
Score

10^/10

formbook 4hc5 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2