formbook

General

Target

3f53f7808665f4ec8584799517728417
Size

701KB
Sample

240103-3pfd3acgfp
MD5

3f53f7808665f4ec8584799517728417
SHA1

e5a0e79eae254c1ea7488f6515125fd91041a91d
SHA256

08fdd2ba8169c00ea8a9579cf84f56e7b753a29d51b284cb88c8e14631ea724d
SHA512

37db65bc7ad11fc40d45453c3b75643c87f4f62c8da3c0590a29256ec65bec7d592c32a19b39d66a4c62a4978004cb8988420ee1a9fd56fb44644594e72369c3
SSDEEP

12288:yeZhycsJouTVHd0eqHLlb7NR+WT6h5jvVrDlV977MmZ:yKiJH+emx7NRq5jNrDVnZ

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

rfqo

Decoy

gerrygapinski.com

mariashoots.com

fanaticlooks.com

mondilala.net

reviewrun.net

semessage.info

metodoiluminado-cupom.com

gdclzq.com

liteletherapy.com

bearcreekcattlebeef.com

dreampointer.com

rubygrocery.com

sevak369.com

alfacad.net

b2fb.com

creativebusinesspages.com

digitalej.com

uvgotthepower.com

caotaibanzi.com

yichuanli.com

Targets

- Target
  
  3f53f7808665f4ec8584799517728417
- Size
  
  701KB
- MD5
  
  3f53f7808665f4ec8584799517728417
- SHA1
  
  e5a0e79eae254c1ea7488f6515125fd91041a91d
- SHA256
  
  08fdd2ba8169c00ea8a9579cf84f56e7b753a29d51b284cb88c8e14631ea724d
- SHA512
  
  37db65bc7ad11fc40d45453c3b75643c87f4f62c8da3c0590a29256ec65bec7d592c32a19b39d66a4c62a4978004cb8988420ee1a9fd56fb44644594e72369c3
- SSDEEP
  
  12288:yeZhycsJouTVHd0eqHLlb7NR+WT6h5jvVrDlV977MmZ:yKiJH+emx7NRq5jNrDVnZ
Score

10^/10

formbook rfqo rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2