formbook

General

Target

3daaa20ac455b9586113cba234ae3153.exe
Size

681KB
Sample

240101-yj29esgfer
MD5

3daaa20ac455b9586113cba234ae3153
SHA1

d2972fb3c632473eb22f353755e0f31f999532b7
SHA256

3864b3a157ece572eabb6d56e50d577d0993fc7150bb5046e26e4fdc6bdf3c76
SHA512

9ab0101d42f3b17f7d9f9cc3d7c80167604cc29a309cb374afc47592d25bd054e5c10df52839c10e9b432dd09bea0ed90a6b16b4282c2183d7e845316ace9771
SSDEEP

6144:HBYFJLgGVFjvC+w7Mp5zmeEyK1mlfu7oVMGMLQwNFRKs0ZnnsCJaIUSSLyFpVI:6vVBpnAIutGMnNFR90DaIkepI

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

crg3

Decoy

g-strip.com

mercedestaydo.com

bettypersonalized.com

smithsndvine.com

lrkingdee.com

steigtechnik.club

joyous.world

lockhartsecurity.net

dogpouchy.com

sallysharman.com

moylook.online

safercheckin.com

pinsiteup14.online

infinitytattoocare.com

daiwans1.com

nativress.com

vanessagracebang.xyz

adiguzelboya.net

getiphoneforfree.com

villadelsolguadalupe.com

Targets

- Target
  
  3daaa20ac455b9586113cba234ae3153.exe
- Size
  
  681KB
- MD5
  
  3daaa20ac455b9586113cba234ae3153
- SHA1
  
  d2972fb3c632473eb22f353755e0f31f999532b7
- SHA256
  
  3864b3a157ece572eabb6d56e50d577d0993fc7150bb5046e26e4fdc6bdf3c76
- SHA512
  
  9ab0101d42f3b17f7d9f9cc3d7c80167604cc29a309cb374afc47592d25bd054e5c10df52839c10e9b432dd09bea0ed90a6b16b4282c2183d7e845316ace9771
- SSDEEP
  
  6144:HBYFJLgGVFjvC+w7Mp5zmeEyK1mlfu7oVMGMLQwNFRKs0ZnnsCJaIUSSLyFpVI:6vVBpnAIutGMnNFR90DaIkepI
Score

10^/10

formbook crg3 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2