formbook

General

Target

63d2a92b555fca71818d466c3f901b1c.exe
Size

670KB
Sample

231012-qqkzqabg4v
MD5

63d2a92b555fca71818d466c3f901b1c
SHA1

e8aa60ba1257726d74bc0f7664a3e854ce971c26
SHA256

e8daa9482a4d8379e8a1d3dea17ccb16746dc786522acfe79da2b833c525a9b6
SHA512

d415d26c953fdca8ccafc7170539f655323cd5a88d8bc449f1cd70ea765344ac29e8cc0d24cb6bdd4f3964862fe30b898c52ad895dd1f84f33305aec28d94edc
SSDEEP

12288:ZIswfJw1UDXxpkUK74GC3O+H15a6yPhH82g4vdhDz4Gf3Ol9:gBwQdK1i1iPRvnDzV

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ro12

Decoy

start399.com

decyfincoin.com

binguozhijiaok.com

one45.vip

55dy5s.top

regmt.pro

2ahxgaafifl.com

xn--6rtp2flvfc2h.com

justinmburns.com

los3.online

fleshaaikensdivinegiven7llc.com

servicedelv.services

apexcaryhomesforsale.com

shuraop.xyz

sagetotal.com

gratitude-et-compagnie.com

riderarea.com

digitalserviceact.online

contentbyc.com

agenda-digital-planner.com

Targets

- Target
  
  63d2a92b555fca71818d466c3f901b1c.exe
- Size
  
  670KB
- MD5
  
  63d2a92b555fca71818d466c3f901b1c
- SHA1
  
  e8aa60ba1257726d74bc0f7664a3e854ce971c26
- SHA256
  
  e8daa9482a4d8379e8a1d3dea17ccb16746dc786522acfe79da2b833c525a9b6
- SHA512
  
  d415d26c953fdca8ccafc7170539f655323cd5a88d8bc449f1cd70ea765344ac29e8cc0d24cb6bdd4f3964862fe30b898c52ad895dd1f84f33305aec28d94edc
- SSDEEP
  
  12288:ZIswfJw1UDXxpkUK74GC3O+H15a6yPhH82g4vdhDz4Gf3Ol9:gBwQdK1i1iPRvnDzV
Score

10^/10

formbook ro12 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2