formbook

General

Target

a584c1efdc2d5911278ab43d1fc671af
Size

401KB
Sample

231227-f853haegfq
MD5

a584c1efdc2d5911278ab43d1fc671af
SHA1

58bbfeda525cd20cde716d8d587b96a58a494d6f
SHA256

8c988a622b822f0fc226b928ab317dc7a6130b395f74a3e39c3443b275c93771
SHA512

2bbc2892dca895ed1e2ede7a198c08baeb943e701defad1415efc4d78e3e9eeabaa9056cb5c64bad904b926ff51d8d4b234bef55657cd1478ddf2f1e0625bbcc
SSDEEP

6144:3I9XKqGvBcQqh3SB5o4AOnBplAIeqnG/sLYGKYWRkynp9x:3QvGvOk5Ky0T6G4YGKrHLx

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

dd2v

Decoy

jkrqzmeyd.icu

cbluedottvwdshop.com

yhchen.space

premierhealthnwellness.com

szkuyaju.com

harvestmoonloans.net

dadematerial.com

mariaclarahairstudio.com

hwunvy.online

puloutjbmere.com

kossu1989.com

dubbedos.com

ncylis.com

hybrid-sol.com

travelature.com

gracefulcounts.com

66secretgarden.com

eslonyourcell.com

wisersponsorship.com

sepn3.com

Targets

- Target
  
  a584c1efdc2d5911278ab43d1fc671af
- Size
  
  401KB
- MD5
  
  a584c1efdc2d5911278ab43d1fc671af
- SHA1
  
  58bbfeda525cd20cde716d8d587b96a58a494d6f
- SHA256
  
  8c988a622b822f0fc226b928ab317dc7a6130b395f74a3e39c3443b275c93771
- SHA512
  
  2bbc2892dca895ed1e2ede7a198c08baeb943e701defad1415efc4d78e3e9eeabaa9056cb5c64bad904b926ff51d8d4b234bef55657cd1478ddf2f1e0625bbcc
- SSDEEP
  
  6144:3I9XKqGvBcQqh3SB5o4AOnBplAIeqnG/sLYGKYWRkynp9x:3QvGvOk5Ky0T6G4YGKrHLx
Score

10^/10

formbook dd2v rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2