formbook

General

Target

b504c00e693fc83d50cfc05a5228e3a5
Size

242KB
Sample

231227-s7lcxshbfp
MD5

b504c00e693fc83d50cfc05a5228e3a5
SHA1

e25ace4508b7c7c95594bc3bf186333ca04d8730
SHA256

8898f85efa9e25992b6e00da2b7d3338649ebf89d26a92b9bf156618960f5466
SHA512

0bf1f203485a7ed915fdad816e87c26c4114372929e567057681d65bdb53c300de2f7ed55cdf289e9c2ee66010be50d44526f15b669092435677938bfef7518f
SSDEEP

6144:xOBAkoCch1rdJjoPH72/24sU7qxVxsX8MPBAto:EcCcbzoPaO4sUexbsX8M+K

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

lt0h

Decoy

originalindigofurniture.co.uk

fl6588.com

acecademy.com

yaerofinerindalnalising.com

mendilovic.online

rishenght.com

famlees.com

myhomeofficemarket.com

bouquetarabia.com

chrisbani.com

freebandslegally.com

hernandezinsurancegroup.net

slicedandfresh.com

apnathikanas.com

chadhatesyou.com

ansilsas.com

in3development.com

nitiren.net

peespn.com

valengz.com

Targets

- Target
  
  b504c00e693fc83d50cfc05a5228e3a5
- Size
  
  242KB
- MD5
  
  b504c00e693fc83d50cfc05a5228e3a5
- SHA1
  
  e25ace4508b7c7c95594bc3bf186333ca04d8730
- SHA256
  
  8898f85efa9e25992b6e00da2b7d3338649ebf89d26a92b9bf156618960f5466
- SHA512
  
  0bf1f203485a7ed915fdad816e87c26c4114372929e567057681d65bdb53c300de2f7ed55cdf289e9c2ee66010be50d44526f15b669092435677938bfef7518f
- SSDEEP
  
  6144:xOBAkoCch1rdJjoPH72/24sU7qxVxsX8MPBAto:EcCcbzoPaO4sUexbsX8M+K
Score

10^/10

formbook lt0h rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2