formbook

General

Target

de8c69d84e9d3efccb31651cf1d9ca4a
Size

659KB
Sample

240325-vyx2gaea54
MD5

de8c69d84e9d3efccb31651cf1d9ca4a
SHA1

f37511be3e9f7948f3bbb77a2ac51e138d59d61c
SHA256

68a5d1f3cde5948d9b3d0c55942b19ca859f859af258cadcdc724351ee5e5401
SHA512

dd751449a78051c3470b7d0a05729f96612e8ff52e3d766f4efd233f3e99444d7ef900159573a8f8a478f061fecabf694030b94df9dcdd05ee1d609a816914a6
SSDEEP

12288:1TQku+UELEHi799mSNI0/X6J73ZiyYm5JGSA4AmlSoTADRNQmc6DjCDmomKZ1Mpu:1TK+U52mzM6Z0mHGS5l0QR6Dj77uqE

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

jdge

Decoy

cungcaptapvu.com

lantianren.net

mydivorcepsychologist.com

bageurapparel.com

citydealmaker.com

historyegress.com

litekkutu.xyz

perksofkerala.com

flairmax.com

washingmachineservicerepair.xyz

organicbeauty.club

rehmazbeauty.com

goodgly.com

imtheonlyperson.systems

shbanjia199.com

mwfbd.com

halsonpipe.com

0927487.com

perfectpeachco.com

danielprok.com

Targets

- Target
  
  Request for Quotation...pdf.exe
- Size
  
  885KB
- MD5
  
  c489912068a72c74eb218562beeaaf8a
- SHA1
  
  6348afcd2c4645d983f6982bc3271646a3049fd5
- SHA256
  
  78ddeffb28de453b1235da58833f3e8532635bf556fb2ef23e25aa58b15506b0
- SHA512
  
  3d0ad7e47472b69026658d64017cc8aa30843c5757b521bb6edc7fdf8ec9a3bff889233ab38c8b3e58308beea2c150498ff78edef01b93107b3843881618b4b3
- SSDEEP
  
  12288:E3hYkBcPwb/nRlnGWsDzvFXQKoXVtnL+BpD2ePG72HrV7:hK/RlnE58fnKrvPG7gr
Score

10^/10

formbook jdge rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2