formbook

General

Target

8e1579332c108b91cf104ac63a80be9cabcd918086bcd27248e59467776fc863exe_JC.exe
Size

689KB
Sample

230806-tesf7sba65
MD5

549506be461e63f925b424b2f6011916
SHA1

809e73cea714e24c15f65c27eff6371723149323
SHA256

8e1579332c108b91cf104ac63a80be9cabcd918086bcd27248e59467776fc863
SHA512

0c254f269004b3999284fb9e4bacc71082be27d7a178106bcb9150e2bf66723d98f0755fae8eda8f05ed24aeabf8ef49eb91556ed417b7c6ecec6dcbb04ad6b4
SSDEEP

12288:S5MYH1VTW4TmZnXmQtXQ7SHbtvTug/gjtkb9:S6wrbTmJmQtXQ7S7tvTuacCb9

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sy22

Decoy

vinteligencia.com

displayfridges.fun

completetip.com

giallozafferrano.com

jizihao1.com

mysticheightstrail.com

fourseasonslb.com

kjnala.shop

mosiacwall.com

vandistreet.com

gracefullytouchedartistry.com

hbiwhwr.shop

mfmz.net

hrmbrillianz.com

funwarsztat.com

polewithcandy.com

ourrajasthan.com

wilhouettteamerica.com

johnnystintshop.com

asgnelwin.com

Targets

- Target
  
  8e1579332c108b91cf104ac63a80be9cabcd918086bcd27248e59467776fc863exe_JC.exe
- Size
  
  689KB
- MD5
  
  549506be461e63f925b424b2f6011916
- SHA1
  
  809e73cea714e24c15f65c27eff6371723149323
- SHA256
  
  8e1579332c108b91cf104ac63a80be9cabcd918086bcd27248e59467776fc863
- SHA512
  
  0c254f269004b3999284fb9e4bacc71082be27d7a178106bcb9150e2bf66723d98f0755fae8eda8f05ed24aeabf8ef49eb91556ed417b7c6ecec6dcbb04ad6b4
- SSDEEP
  
  12288:S5MYH1VTW4TmZnXmQtXQ7SHbtvTug/gjtkb9:S6wrbTmJmQtXQ7S7tvTuacCb9
Score

10^/10

formbook sy22 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2