formbook

General

Target

e13aec794ab852539c7ddc9b1684d795
Size

384KB
Sample

240327-kd71tsbd8t
MD5

e13aec794ab852539c7ddc9b1684d795
SHA1

7cd01153e6223b6b63604bddf960198958bde7bf
SHA256

00a1389397741e429a832789b222bcfa27eeb64752d26477078262a6be1e5b6c
SHA512

c9d6853f20e1462355ca71e8a9322b29a2e92361a4197bd0c00cd24f2e2e9ffc128ba5244a73da4edae2415c8daaaefc6fc320714272e3151fb3a935d7b74474
SSDEEP

12288:brf0P3HD5Y8n7nVzDMfmyQGCs23P9LyB4LnE8O:0P3H1Y87BIfQGC98B2El

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

tnli

Decoy

thefoodrecipes.xyz

polefishing.store

ashdal.com

bodurm.com

queeningoutconsulting.com

villaricatruckparkingnearme.com

realestatebites.com

sofutureproof.com

guildmac.com

thegeeksbeanie.com

frenchiesstore.com

wizzywheels.com

sporyeri.online

8deltavapes.com

bowlandskincare.com

10dollarchat.com

talesfromthequadrat.com

bellaspetwear.com

linkenvideo080.xyz

master-tim.com

Targets

- Target
  
  e13aec794ab852539c7ddc9b1684d795
- Size
  
  384KB
- MD5
  
  e13aec794ab852539c7ddc9b1684d795
- SHA1
  
  7cd01153e6223b6b63604bddf960198958bde7bf
- SHA256
  
  00a1389397741e429a832789b222bcfa27eeb64752d26477078262a6be1e5b6c
- SHA512
  
  c9d6853f20e1462355ca71e8a9322b29a2e92361a4197bd0c00cd24f2e2e9ffc128ba5244a73da4edae2415c8daaaefc6fc320714272e3151fb3a935d7b74474
- SSDEEP
  
  12288:brf0P3HD5Y8n7nVzDMfmyQGCs23P9LyB4LnE8O:0P3H1Y87BIfQGC98B2El
Score

10^/10

formbook tnli rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2