formbook

General

Target

cc295ae3f8d52b74a742364b9ba12acb
Size

322KB
Sample

240315-xhxrwagb9w
MD5

cc295ae3f8d52b74a742364b9ba12acb
SHA1

a752516d7f08208ba9560373a56e5b918fa0846a
SHA256

efd668c69a879c85b8fb4ffdae21c471ce300548ab17321b851d0089c7dfdf73
SHA512

f33a52a3945162ae02ed0081ef27f471bdd13593e34039f29ba8ee5ca9963ffa879639b867dbaaaf99f68baf59a00019605e360da74c3dc2673378cc1f2d6823
SSDEEP

6144:InHWk7SqZYslIEVta+G9oS6OZJJo734RrfAlI8IS4igM5xaMNvW+Yc8vqXUL:IHWk7SzEVtfG9EOLJOIRdnfixxaM1W/n

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

mn9v

Decoy

whitepqags.com

jyps95.com

lkportoes.com

discotwinks.com

samgyupontheway.info

fourtimeseight.com

fossahosting.net

siakadvm.com

mywebpromotion.com

vysocky.coffee

folkloren.com

underwier.agency

moneymatric.com

romaditalialr.com

unfilteredessence.com

viktorlevi.com

curbo.info

sacrilege.church

charlenemee.com

magatv.net

Targets

- Target
  
  cc295ae3f8d52b74a742364b9ba12acb
- Size
  
  322KB
- MD5
  
  cc295ae3f8d52b74a742364b9ba12acb
- SHA1
  
  a752516d7f08208ba9560373a56e5b918fa0846a
- SHA256
  
  efd668c69a879c85b8fb4ffdae21c471ce300548ab17321b851d0089c7dfdf73
- SHA512
  
  f33a52a3945162ae02ed0081ef27f471bdd13593e34039f29ba8ee5ca9963ffa879639b867dbaaaf99f68baf59a00019605e360da74c3dc2673378cc1f2d6823
- SSDEEP
  
  6144:InHWk7SqZYslIEVta+G9oS6OZJJo734RrfAlI8IS4igM5xaMNvW+Yc8vqXUL:IHWk7SzEVtfG9EOLJOIRdnfixxaM1W/n
Score

10^/10

formbook mn9v rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2