formbook

General

Target

abf416a9f8f2da1f9bd6e44a9369ae21_JaffaCakes118
Size

922KB
Sample

240404-bvz7wabb49
MD5

abf416a9f8f2da1f9bd6e44a9369ae21
SHA1

73bdbf62470ebc25850cb22d9c7e3bc2006c9f01
SHA256

8b10a744ecc77aa0c6ed8596d46513a3de252356f9a1b52cc7c6e8ed459c36b9
SHA512

75d5eb0f8ffb05299aa2225b61cad1ff24749140d469b130e5d57a5f6ee99a6a727bcbb73595ef8d8d35ecf50a54caab1caaaec604bc6a9dfa12abb351be4638
SSDEEP

12288:2TDDXJN68jyeZfaGkH7GtKdOv+CbjReMUCPvti/o7qZn57aypHtNpI:2Fr7WH7ndOWCbjZ5Niw7A3a

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

cnp0

Decoy

jiarenyuanhunlian.com

xquizitelashesnwaxx.com

rentinerie.com

herbalpedia-id.com

openseagames.com

re-swap.com

william-cook.com

segensv.com

versebay.com

brendanlairdsound.com

bypestor.com

hospitaldelpc.net

wwwroadrunnerfinancial.com

waterhammerstudios.com

hustleandbank.photography

secure01bchslogin.com

rarepeperanking.com

greatland.company

happybirthdayjewel.com

raheok.store

Targets

- Target
  
  abf416a9f8f2da1f9bd6e44a9369ae21_JaffaCakes118
- Size
  
  922KB
- MD5
  
  abf416a9f8f2da1f9bd6e44a9369ae21
- SHA1
  
  73bdbf62470ebc25850cb22d9c7e3bc2006c9f01
- SHA256
  
  8b10a744ecc77aa0c6ed8596d46513a3de252356f9a1b52cc7c6e8ed459c36b9
- SHA512
  
  75d5eb0f8ffb05299aa2225b61cad1ff24749140d469b130e5d57a5f6ee99a6a727bcbb73595ef8d8d35ecf50a54caab1caaaec604bc6a9dfa12abb351be4638
- SSDEEP
  
  12288:2TDDXJN68jyeZfaGkH7GtKdOv+CbjReMUCPvti/o7qZn57aypHtNpI:2Fr7WH7ndOWCbjZ5Niw7A3a
Score

10^/10

formbook cnp0 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2