formbook

General

Target

f709be0a5bbcd4c6c95134f74fcea0c9_JaffaCakes118
Size

234KB
Sample

240418-ccvp4shc3w
MD5

f709be0a5bbcd4c6c95134f74fcea0c9
SHA1

abdd9aefc247c971ec33f9b28fd909c250adfd64
SHA256

3637b5642068ce24a5c1f19c4e1fc52b777478cb216a9935c86c9e094b6fea7e
SHA512

4b6e2a705c4827d5ac87d5d337a9109370f015fe035a4db4b8ec3296b9e99e2b2fc22a33c4fcf58068a2d1b81fd4c054e5468fd0861e6913c72428ea7245f0aa
SSDEEP

6144:sH9ua1Bk9cUIBae3PTg0Yuld/yLCUjHWb:wb1G9vIEcxdaOEY

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

lt0h

Decoy

originalindigofurniture.co.uk

fl6588.com

acecademy.com

yaerofinerindalnalising.com

mendilovic.online

rishenght.com

famlees.com

myhomeofficemarket.com

bouquetarabia.com

chrisbani.com

freebandslegally.com

hernandezinsurancegroup.net

slicedandfresh.com

apnathikanas.com

chadhatesyou.com

ansilsas.com

in3development.com

nitiren.net

peespn.com

valengz.com

Targets

- Target
  
  f709be0a5bbcd4c6c95134f74fcea0c9_JaffaCakes118
- Size
  
  234KB
- MD5
  
  f709be0a5bbcd4c6c95134f74fcea0c9
- SHA1
  
  abdd9aefc247c971ec33f9b28fd909c250adfd64
- SHA256
  
  3637b5642068ce24a5c1f19c4e1fc52b777478cb216a9935c86c9e094b6fea7e
- SHA512
  
  4b6e2a705c4827d5ac87d5d337a9109370f015fe035a4db4b8ec3296b9e99e2b2fc22a33c4fcf58068a2d1b81fd4c054e5468fd0861e6913c72428ea7245f0aa
- SSDEEP
  
  6144:sH9ua1Bk9cUIBae3PTg0Yuld/yLCUjHWb:wb1G9vIEcxdaOEY
Score

10^/10

formbook lt0h rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2