formbook

General

Target

875d520c82087afa19b50355a0df7d50
Size

838KB
Sample

240201-t2nfrsbhhq
MD5

875d520c82087afa19b50355a0df7d50
SHA1

910a982a2ec09f51c6205f2ab585abdb73fb1cda
SHA256

70d759be9f935d289ee1627038a118e9493d45ecebfcd477f0b43a8253afffb4
SHA512

8a53e26bbfc21255c3939ade4fd6b32eabd144874c14654a41e08b7924e2aa7c5cc4a6c7f309b2fd231c94ec31affb7f66aeb2c865e1f8d890883a46b9fb74a2
SSDEEP

12288:O/lUKzDFPjakDcjTnB0wZALuEqay20zWi6zE+zA9GJlCHjDqM5xwMGmc:O/WKl7OO7L7tiunCiMst

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mxwf

Decoy

orders-cialis.info

auctionorbuy.com

meanmugsamore.com

yachtcrewmark.com

sacredkashilifestudio.net

themintyard.com

bragafoods.com

sierp.com

hausofdeme.com

anthonyjames915.com

bajardepesoencasa.com

marciaroyal.com

earringlifter.com

dsdjfhd9ddksa1as.info

bmzproekt.com

employmentbc.com

ptsdtreatment.space

vrchance.com

cnrongding.com

welovelit.com

Targets

- Target
  
  875d520c82087afa19b50355a0df7d50
- Size
  
  838KB
- MD5
  
  875d520c82087afa19b50355a0df7d50
- SHA1
  
  910a982a2ec09f51c6205f2ab585abdb73fb1cda
- SHA256
  
  70d759be9f935d289ee1627038a118e9493d45ecebfcd477f0b43a8253afffb4
- SHA512
  
  8a53e26bbfc21255c3939ade4fd6b32eabd144874c14654a41e08b7924e2aa7c5cc4a6c7f309b2fd231c94ec31affb7f66aeb2c865e1f8d890883a46b9fb74a2
- SSDEEP
  
  12288:O/lUKzDFPjakDcjTnB0wZALuEqay20zWi6zE+zA9GJlCHjDqM5xwMGmc:O/WKl7OO7L7tiunCiMst
Score

10^/10

formbook mxwf rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2