formbook

General

Target

748646de2a6f09e35e043eefca32c6b8
Size

872KB
Sample

240125-m5a7aaecf4
MD5

748646de2a6f09e35e043eefca32c6b8
SHA1

0ba5a84af8177a4300bbb7f5be53c6401743a2b7
SHA256

30c70e6852155344b71c74dc919b365847a12ef299cda58501051f706e7bbbf4
SHA512

8fe83015475002e00b37f166338e987add93caec3ced3bfdf22e73c7e09469f98d109a2dbfa484ff19ca314e95e621bd508ee471d132597fa9b0e9e15919cc43
SSDEEP

12288:zmjdtAfZJoR65AXwgFvuSSUIomtXFu4wM2t3fEEIVwT4XBlm6tE1wJyafwLut:doR6qgcmhF4/3gSkXBlctafc

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

wt5i

Decoy

mydreamct.com

vadicore.com

choicemango.com

projectsolutionspro.com

ncg.xyz

goio.digital

ee-secure-account.com

criminalstudy.com

fsjuanzhi.com

pont-travaux-public.com

agencepartenaire.com

jlsyzm.com

prosselius.com

woodendgroups.com

thereproducts.site

sigmagrupo.net

chelseagracia.com

fusosstore.com

chrissypips.trade

mvlxplcswa.com

Targets

- Target
  
  748646de2a6f09e35e043eefca32c6b8
- Size
  
  872KB
- MD5
  
  748646de2a6f09e35e043eefca32c6b8
- SHA1
  
  0ba5a84af8177a4300bbb7f5be53c6401743a2b7
- SHA256
  
  30c70e6852155344b71c74dc919b365847a12ef299cda58501051f706e7bbbf4
- SHA512
  
  8fe83015475002e00b37f166338e987add93caec3ced3bfdf22e73c7e09469f98d109a2dbfa484ff19ca314e95e621bd508ee471d132597fa9b0e9e15919cc43
- SSDEEP
  
  12288:zmjdtAfZJoR65AXwgFvuSSUIomtXFu4wM2t3fEEIVwT4XBlm6tE1wJyafwLut:doR6qgcmhF4/3gSkXBlctafc
Score

10^/10

formbook wt5i rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2