formbook

General

Target

15e76febd9a13cf44e211849c051a68c.bin
Size

716KB
Sample

230902-bg1aqaae3t
MD5

1da95f30ba1c9aeb1beb089ead9ecfe4
SHA1

d3c6c4aadd1b7eb8c2a0bca4d8af9ba96310ade4
SHA256

3263ed6eeca96b2ddda2feae33ef395a12e61db0adfb85137aa3d12f15aed285
SHA512

0a5078d3b1071d2cf668441cc092284103e22ffdbb14790056a8a1c9cc299dbe54fcad5ebf3b6a8f479b4af12572ae0b7d89a11acf1cd53f62d3a15a71ca5252
SSDEEP

12288:4bK8JGDTccpmq2tXjRzxEc1t3CgcKjz3Dywfz08gStLeMQNVPj+2N:4b5IPpmFXRxMKjz3DJz05SZcrb+G

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

v93r

Decoy

labourcommunitymarket.com

nba82.com

datahabitsales.site

rosstony.link

baliorganic.farm

qefhyjngrxcbjfvgft.autos

bippttcg.click

tldrschool.com

vcdaawug.click

garage2mats.com

soulrin.store

themezodermacream.com

522fairwaylookout.com

jmhoa.cyou

sygcb.link

thanhpresident.com

biy-home.com

imtmlife.online

dijitalpasaj.app

105261.com

Targets

- Target
  
  d4b306e65c16a66f2c0851d70709f117d2a93596fa9ad5905f99c99ea25aba10.exe
- Size
  
  955KB
- MD5
  
  15e76febd9a13cf44e211849c051a68c
- SHA1
  
  6d3b2d2b00e210d706e6f5746cae5e8cafae777b
- SHA256
  
  d4b306e65c16a66f2c0851d70709f117d2a93596fa9ad5905f99c99ea25aba10
- SHA512
  
  74be8b1f75065eb7991ca07c559f6a14354c65ce20ddbce6127253c4b73ce29b6ecfa786fc67d095b6bbc9939446c54c684811fde4116a318835eaa32e5a4105
- SSDEEP
  
  24576:reunQk8WUgZxqyp/0knO+e8KnCqTsQlSC:nUexqahnXe8KnZTsQlS
Score

10^/10

formbook v93r rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2