formbook

General

Target

276b0170d8035edd89cb993a275e776c
Size

1.3MB
Sample

231231-enj4vsfdgk
MD5

276b0170d8035edd89cb993a275e776c
SHA1

8b9bdc7f22d7e978bcea377926c67655ed5c3c8f
SHA256

6cbc8098614c094caf34a0eae5242f77ae55e6ff77184f6a5b708703698ccc1a
SHA512

868acf7b6d05dc77928ebe5e707bead2491adfab4753e82a009bd2a33c8cea79e200a227c65552eb87c7480ca949c0d13a2dd7c2a44970e65d24526909e87146
SSDEEP

24576:eC71ajs89tvKOsjrh6CZYZJrmMnfk/iQ2+S0d:eMajsa9KDzZwJ9fk/Pj

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mxwf

Decoy

orders-cialis.info

auctionorbuy.com

meanmugsamore.com

yachtcrewmark.com

sacredkashilifestudio.net

themintyard.com

bragafoods.com

sierp.com

hausofdeme.com

anthonyjames915.com

bajardepesoencasa.com

marciaroyal.com

earringlifter.com

dsdjfhd9ddksa1as.info

bmzproekt.com

employmentbc.com

ptsdtreatment.space

vrchance.com

cnrongding.com

welovelit.com

Targets

- Target
  
  276b0170d8035edd89cb993a275e776c
- Size
  
  1.3MB
- MD5
  
  276b0170d8035edd89cb993a275e776c
- SHA1
  
  8b9bdc7f22d7e978bcea377926c67655ed5c3c8f
- SHA256
  
  6cbc8098614c094caf34a0eae5242f77ae55e6ff77184f6a5b708703698ccc1a
- SHA512
  
  868acf7b6d05dc77928ebe5e707bead2491adfab4753e82a009bd2a33c8cea79e200a227c65552eb87c7480ca949c0d13a2dd7c2a44970e65d24526909e87146
- SSDEEP
  
  24576:eC71ajs89tvKOsjrh6CZYZJrmMnfk/iQ2+S0d:eMajsa9KDzZwJ9fk/Pj
Score

10^/10

formbook mxwf rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2