formbook

General

Target

94abfdf47572a6023f28be8b72f2fb74_JaffaCakes118
Size

406KB
Sample

240402-xs95ysag2s
MD5

94abfdf47572a6023f28be8b72f2fb74
SHA1

c05059aa66ebd5eefe06f49e889f178aafebf5a1
SHA256

b0cfa1848c7b08eb881e615731493df57963468fa3fb461ebf1468271dd17a14
SHA512

1344ba9e20adfa83d8c8c6a7cdb3a99538b542b821e63030cd64808b4c899cf32df5326ef8fcb0c37664a7aa4f8fb85a6c3fc19d6f19829c2b808a2beda9e182
SSDEEP

6144:OaDH3SWaWBa6irJ741J9DxKVi51hX9IYQEKVy6HsPDRr6K8kqP6bLn:HDHi6a6irJS9DxKVI9YHMUKK6

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

jy0b

Decoy

lamejorimagen.com

mykabukibrush.com

modgon.com

barefoottherapeutics.com

shimpeg.net

trade-sniper.com

chiangkhancityhotel.com

joblessmoni.club

stespritsubways.com

chico-group.com

nni8.xyz

searchtypically.online

jobsyork.com

bestsales-crypto.com

iqmarketing.info

bullcityphotobooths.com

fwssc.icu

1oc87s.icu

usdiesel.xyz

secrets2optimumnutrition.com

Targets

- Target
  
  94abfdf47572a6023f28be8b72f2fb74_JaffaCakes118
- Size
  
  406KB
- MD5
  
  94abfdf47572a6023f28be8b72f2fb74
- SHA1
  
  c05059aa66ebd5eefe06f49e889f178aafebf5a1
- SHA256
  
  b0cfa1848c7b08eb881e615731493df57963468fa3fb461ebf1468271dd17a14
- SHA512
  
  1344ba9e20adfa83d8c8c6a7cdb3a99538b542b821e63030cd64808b4c899cf32df5326ef8fcb0c37664a7aa4f8fb85a6c3fc19d6f19829c2b808a2beda9e182
- SSDEEP
  
  6144:OaDH3SWaWBa6irJ741J9DxKVi51hX9IYQEKVy6HsPDRr6K8kqP6bLn:HDHi6a6irJS9DxKVI9YHMUKK6
Score

10^/10

formbook jy0b rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2