formbook

General

Target

73ba302c6db589bcc68b8686618889e8
Size

1.3MB
Sample

240125-e1jc4agad7
MD5

73ba302c6db589bcc68b8686618889e8
SHA1

77b5067ebfbdceb30002c7bc6a7278978007c5f9
SHA256

0a572a1204078a6e8d7e0273304057ba4fe1be02ea692ec7d3e51e1dba30a19f
SHA512

496fc14e2dde5417a627785943d0fc39259aee0f029ac17f240391b7d7b8b6f1c2246a30aa1f10079f5f91f2594ccf875e210d5da3b7d00c1a17bfdc3a65d5d6
SSDEEP

24576:z/HwS/d3Qmvy+VKGjGXNZw0B8BiWVx2LZvig2wDGdoL7xvUN71Fe:PGGqnw0BCjqvig21dE2e

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

b2dn

Decoy

tigasaki.com

ashurmall.net

womenanhome.com

aplusmoblervrepair.com

hometheaterplanning.com

editstores.com

growtoabillion.com

uaforge96sport.com

customersuccessoutsourcing.com

northstaradio.com

remotetech42.com

matchapult.com

breakdownquartet.com

erhradtcc.com

cyainspectionsinc.com

hussy-ballistics.info

prodisa.info

mitthussweets.com

ibycoaching.com

gpspersonaltracker.equipment

Targets

- Target
  
  73ba302c6db589bcc68b8686618889e8
- Size
  
  1.3MB
- MD5
  
  73ba302c6db589bcc68b8686618889e8
- SHA1
  
  77b5067ebfbdceb30002c7bc6a7278978007c5f9
- SHA256
  
  0a572a1204078a6e8d7e0273304057ba4fe1be02ea692ec7d3e51e1dba30a19f
- SHA512
  
  496fc14e2dde5417a627785943d0fc39259aee0f029ac17f240391b7d7b8b6f1c2246a30aa1f10079f5f91f2594ccf875e210d5da3b7d00c1a17bfdc3a65d5d6
- SSDEEP
  
  24576:z/HwS/d3Qmvy+VKGjGXNZw0B8BiWVx2LZvig2wDGdoL7xvUN71Fe:PGGqnw0BCjqvig21dE2e
Score

10^/10

formbook b2dn rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2