formbook

General

Target

Payment Copy (MT103 _03 _171023)_pdf.exe
Size

592KB
Sample

231023-nnwx4agb5s
MD5

a57ad3a116cc0b544c63e7655047570f
SHA1

0729e7e1300ab2b0fa9cf60d32cd2a15276a1f87
SHA256

25e8610d483e74bac4bfc7189060e7fdeed775f6e82cd69b3a36d1a12b4e2af9
SHA512

16af9ccb2a0e59d5c16469b219a2ffba7b3963e83da889a9277b2803714dabe5367b820edf18d9908d2e4f1d28eadd69b0eda1a055e9cf5b10a11eea8d4cb15a
SSDEEP

12288:p//s02mvB+6ld9l/5ReV2fqy+/xCEL9HJfC/6afTTpcmUbgR/mZRM+:p//Z2mJ9p2hzhppqDrTpEgkZR5

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

eg02

Decoy

erc20.gold

elainevannmorgan.photography

melbet-el4.top

guvenilir.bet

sesamecsre.com

kevinjaydenwivano.tech

condohotelguru.com

shjcdz.com

innocarta.store

collinstradingpost.com

6om3j4.top

nagtco.xyz

fasist.fit

arkansaspremiertournaments.com

mrscsnowschool.com

ma-group.online

lillyjriley.icu

electric-cars-87253.bond

lila.tools

hollamia.com

Targets

- Target
  
  Payment Copy (MT103 _03 _171023)_pdf.exe
- Size
  
  592KB
- MD5
  
  a57ad3a116cc0b544c63e7655047570f
- SHA1
  
  0729e7e1300ab2b0fa9cf60d32cd2a15276a1f87
- SHA256
  
  25e8610d483e74bac4bfc7189060e7fdeed775f6e82cd69b3a36d1a12b4e2af9
- SHA512
  
  16af9ccb2a0e59d5c16469b219a2ffba7b3963e83da889a9277b2803714dabe5367b820edf18d9908d2e4f1d28eadd69b0eda1a055e9cf5b10a11eea8d4cb15a
- SSDEEP
  
  12288:p//s02mvB+6ld9l/5ReV2fqy+/xCEL9HJfC/6afTTpcmUbgR/mZRM+:p//Z2mJ9p2hzhppqDrTpEgkZR5
Score

10^/10

formbook eg02 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Deletes itself

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2