formbook

General

Target

4888378edabc17ca6aa23c1c795ca146
Size

634KB
Sample

231219-scbj8shhgk
MD5

4888378edabc17ca6aa23c1c795ca146
SHA1

a538183be09cc89aba93bf33058b4cfc0dac3d3f
SHA256

2a574ade19e64e7905f2e35ab4aa0f16dff6b56856f27af688be087b50e3dd9e
SHA512

131397845c3cb93a7485526af54eece69c5bffa16c01fc6fe1c794fbab64374e86e6310c312b94e48ff88036fd8020e07d4b03cef2ab7c77ba1d0c3e542486c2
SSDEEP

12288:3pDjXq7ClRotHOHhs3ZK12e4GVTx2nASBnG1:3RjXyttKCZK12qOBnG

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

chad

Decoy

osiribodhisattva.com

e-ticaretdostu.com

integrocapitalllc.com

pasarbb.com

curavy.com

efcomportamento.com

twittertornado.com

siyhy.com

roamnext.com

hongduen.com

urbaanmarket.com

davidcavanaghreplays.com

comperhouse.com

ne-nerede.net

m365fordevs.com

structuredadvocates.com

withalldads.love

assanamusic.info

oshaberi-machiko.com

mollyellen.net

Targets

- Target
  
  4888378edabc17ca6aa23c1c795ca146
- Size
  
  634KB
- MD5
  
  4888378edabc17ca6aa23c1c795ca146
- SHA1
  
  a538183be09cc89aba93bf33058b4cfc0dac3d3f
- SHA256
  
  2a574ade19e64e7905f2e35ab4aa0f16dff6b56856f27af688be087b50e3dd9e
- SHA512
  
  131397845c3cb93a7485526af54eece69c5bffa16c01fc6fe1c794fbab64374e86e6310c312b94e48ff88036fd8020e07d4b03cef2ab7c77ba1d0c3e542486c2
- SSDEEP
  
  12288:3pDjXq7ClRotHOHhs3ZK12e4GVTx2nASBnG1:3RjXyttKCZK12qOBnG
Score

10^/10

formbook chad rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2