formbook

General

Target

62394cc22c658f1812ffc468ac1bedc1
Size

1.0MB
Sample

240117-kptmkscaaj
MD5

62394cc22c658f1812ffc468ac1bedc1
SHA1

c058eff79d6e9a230b9ba3c9027d8b640a3c4178
SHA256

89d2c0dd73a826dc81b41bb4b4664ac64a66916824c4ab6d23cda779e6ebdc38
SHA512

0d19e647ef4a9e0f59127a75e6154442d0e0aace83c6ae6c5cda3035b2ddec91ddda98bf4bbabfc763a93331857b71dd413e7d3920b9eb49046c3091c732cb35
SSDEEP

12288:g08GevbraqDZgxV4yoxXl5lmKhHanKD4I4Ni3z3T8oCwwN:gTqzS1ffD4I4Y3z3Bd

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

kzk9

Decoy

tianconghuo.club

1996-page.com

ourtownmax.net

conservativetreehose.com

synth.repair

donnachicacreperia.com

tentfull.com

weapp.download

surfersink.com

gattlebusinessservices.com

sebastian249.com

anhphuc.company

betternatureproducts.net

defroplate.com

seattlesquidsquad.com

polarjob.com

lendingadvantage.com

angelsondope.com

goportjitney.com

tiendagrupojagr.com

Targets

- Target
  
  62394cc22c658f1812ffc468ac1bedc1
- Size
  
  1.0MB
- MD5
  
  62394cc22c658f1812ffc468ac1bedc1
- SHA1
  
  c058eff79d6e9a230b9ba3c9027d8b640a3c4178
- SHA256
  
  89d2c0dd73a826dc81b41bb4b4664ac64a66916824c4ab6d23cda779e6ebdc38
- SHA512
  
  0d19e647ef4a9e0f59127a75e6154442d0e0aace83c6ae6c5cda3035b2ddec91ddda98bf4bbabfc763a93331857b71dd413e7d3920b9eb49046c3091c732cb35
- SSDEEP
  
  12288:g08GevbraqDZgxV4yoxXl5lmKhHanKD4I4Ni3z3T8oCwwN:gTqzS1ffD4I4Y3z3Bd
Score

10^/10

formbook kzk9 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2