formbook

General

Target

75bdb0c54fe8a21e76bd6bac1ffe4e7e_JaffaCakes118
Size

494KB
Sample

240401-vrkskaac6t
MD5

75bdb0c54fe8a21e76bd6bac1ffe4e7e
SHA1

71f7abffc31fe665b87f70f9089a20bbd0d48684
SHA256

85ee6fb97c2010a9360ee393b6f8515260e312de96ca3afbde06d5aaed699d3d
SHA512

678841b59fc4fe0186c1d6884838b683a2e52fed9afcfaa8b6d6b54c96de43965a7d82b2f4ba0887d28aa64c1dcdf61dbf4a6adaa5910512f30716bd1d6bb7f7
SSDEEP

12288:Y73kSzHkrPnOoMw9ZFF9278GccPKx9nhJpLb6DQvrulsI5ZJs9:YuQ7dqxLVTul75Y

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

jy0b

Decoy

lamejorimagen.com

mykabukibrush.com

modgon.com

barefoottherapeutics.com

shimpeg.net

trade-sniper.com

chiangkhancityhotel.com

joblessmoni.club

stespritsubways.com

chico-group.com

nni8.xyz

searchtypically.online

jobsyork.com

bestsales-crypto.com

iqmarketing.info

bullcityphotobooths.com

fwssc.icu

1oc87s.icu

usdiesel.xyz

secrets2optimumnutrition.com

Targets

- Target
  
  75bdb0c54fe8a21e76bd6bac1ffe4e7e_JaffaCakes118
- Size
  
  494KB
- MD5
  
  75bdb0c54fe8a21e76bd6bac1ffe4e7e
- SHA1
  
  71f7abffc31fe665b87f70f9089a20bbd0d48684
- SHA256
  
  85ee6fb97c2010a9360ee393b6f8515260e312de96ca3afbde06d5aaed699d3d
- SHA512
  
  678841b59fc4fe0186c1d6884838b683a2e52fed9afcfaa8b6d6b54c96de43965a7d82b2f4ba0887d28aa64c1dcdf61dbf4a6adaa5910512f30716bd1d6bb7f7
- SSDEEP
  
  12288:Y73kSzHkrPnOoMw9ZFF9278GccPKx9nhJpLb6DQvrulsI5ZJs9:YuQ7dqxLVTul75Y
Score

10^/10

formbook jy0b rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2