formbook

General

Target

fb3c22450dadb4fc195959dacd468137
Size

415KB
Sample

231220-wawdeaacbj
MD5

fb3c22450dadb4fc195959dacd468137
SHA1

4626c5529c6a80d8b3c7598a9d98fe9cd2992add
SHA256

07df2d49631c432b3a3c6992f4d3527ad6228d45a04079dcdc99dbda72662566
SHA512

1f121a701ea08af7c6251b07f7cb539abc5c6ef8febf9f78bca93375c984e15162332d8a0a2c0853ba300503e3d5c4127cb5dca45f5628ace9818d1c69a998c5
SSDEEP

6144:8p4RU+zNERnzm9FF5U3hVj9cMFR5IEfRxNZPgD9tr3R6Q4UAyvqWQ+3HwOU:8p4RU+zWR6vFchFM0xN9g5V3R6Q2uCoU

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ed9s

Decoy

pocketoptioniraq.com

merabestsolutions.com

atelectronics.site

fuxueshi.net

infinitystay.com

forensicconcept.site

txpmachine.com

masterwhs.xyz

dia-gnwsis.art

fulltiltnodes.com

bigbnbbsc.com

formation-figma.com

bonanacroin.net

medicalmarijuanasatx.com

bagnavy.com

aaegiscares.net

presentationpublicschool.com

bestyousite.site

prescriptionn.com

beyondthenormbouquets.com

Targets

- Target
  
  fb3c22450dadb4fc195959dacd468137
- Size
  
  415KB
- MD5
  
  fb3c22450dadb4fc195959dacd468137
- SHA1
  
  4626c5529c6a80d8b3c7598a9d98fe9cd2992add
- SHA256
  
  07df2d49631c432b3a3c6992f4d3527ad6228d45a04079dcdc99dbda72662566
- SHA512
  
  1f121a701ea08af7c6251b07f7cb539abc5c6ef8febf9f78bca93375c984e15162332d8a0a2c0853ba300503e3d5c4127cb5dca45f5628ace9818d1c69a998c5
- SSDEEP
  
  6144:8p4RU+zNERnzm9FF5U3hVj9cMFR5IEfRxNZPgD9tr3R6Q4UAyvqWQ+3HwOU:8p4RU+zWR6vFchFM0xN9g5V3R6Q2uCoU
Score

10^/10

formbook ed9s rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2