formbook

General

Target

2eab6a48a08726441514655a1d84a3921af8139cd2e7b61f23a30c11785f28f2.exe
Size

617KB
Sample

240328-ck4mzsaf44
MD5

7d1afa1b1a208fb161b8e5728ab0523f
SHA1

4c6fc1d025489ff1dc67fead4ae0bfa0acc26f3c
SHA256

2eab6a48a08726441514655a1d84a3921af8139cd2e7b61f23a30c11785f28f2
SHA512

e3c2f52d17b93ddbef0c5fc2224b202863f82588c87cf4c0a908a3d37de354e237d877f904a7f46f7c3553848f814fcfb3cc5e5af6c1be1cd95af9b8328bec5b
SSDEEP

12288:5L2iNlw0k160S794BoVFdHlAWQ4deo8p7Ya+KRC1alSACiMkR:V1X30S794KVFdHlAOdB4MTKRCcck

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ns03

Decoy

dipity.tech

agathis.fun

ekaterinai.store

elizabethsbookshelf.com

smilesustainably.com

tapeworm.xyz

beatricesswarthout.xyz

nsrpackersandpackers.in

yedxec.xyz

gildedbeautyaesthitics.com

hanibalbechar.com

fichaphuman.net

adilosk.shop

geezaran.com

ventasemail.com

phonecasesdirect.store

rctjuc.shop

sukimossmanagement.com

caller-id.today

kft07.vip

Targets

- Target
  
  2eab6a48a08726441514655a1d84a3921af8139cd2e7b61f23a30c11785f28f2.exe
- Size
  
  617KB
- MD5
  
  7d1afa1b1a208fb161b8e5728ab0523f
- SHA1
  
  4c6fc1d025489ff1dc67fead4ae0bfa0acc26f3c
- SHA256
  
  2eab6a48a08726441514655a1d84a3921af8139cd2e7b61f23a30c11785f28f2
- SHA512
  
  e3c2f52d17b93ddbef0c5fc2224b202863f82588c87cf4c0a908a3d37de354e237d877f904a7f46f7c3553848f814fcfb3cc5e5af6c1be1cd95af9b8328bec5b
- SSDEEP
  
  12288:5L2iNlw0k160S794BoVFdHlAWQ4deo8p7Ya+KRC1alSACiMkR:V1X30S794KVFdHlAOdB4MTKRCcck
Score

10^/10

formbook ns03 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Detects executables packed with SmartAssembly
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Detects executables packed with SmartAssembly

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2