formbook

General

Target

Purchase Order For Consumables Eltra 888363725_9645364782_1197653623_836652746_22994644.exe
Size

1.0MB
Sample

240429-mr8wdsha4t
MD5

0de4eb1758f5ef209ed50d5728cbb729
SHA1

dc50323b58a5f7a71f9c51c135e09f522aba1d26
SHA256

f6723f25605e46b8bdd2a8a875ee319c40108491934b2f8fbcdd58d649cbc651
SHA512

616bac0fdbf0ae628b8c6fb1cc2608a966703dce4005ea0812b9e7102e7db2e064c2e5512b725a10b052bf0f41d91888b9dcac7d63da22e6d844488dba366286
SSDEEP

24576:FAHnh+eWsN3skA4RV1Hom2KXMmHakjr3rmhkjknnL5:0h+ZkldoPK8YakvqhkjkN

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

se63

Decoy

socratesandhisclouds.com

versioncolor.com

ytcp011.com

908511.vip

egysrvs.com

ky5682011.cc

kkuu14.icu

wavebsb.com

klikadelivery.com

jnbxbpq.com

5o8oh.us

hemule.net

techinf.xyz

bevage.club

we37h.com

tipsde.shop

48136.vip

bestcampertrailerbrands.com

fairmedics.in

quixonic.tech

Targets

- Target
  
  Purchase Order For Consumables Eltra 888363725_9645364782_1197653623_836652746_22994644.exe
- Size
  
  1.0MB
- MD5
  
  0de4eb1758f5ef209ed50d5728cbb729
- SHA1
  
  dc50323b58a5f7a71f9c51c135e09f522aba1d26
- SHA256
  
  f6723f25605e46b8bdd2a8a875ee319c40108491934b2f8fbcdd58d649cbc651
- SHA512
  
  616bac0fdbf0ae628b8c6fb1cc2608a966703dce4005ea0812b9e7102e7db2e064c2e5512b725a10b052bf0f41d91888b9dcac7d63da22e6d844488dba366286
- SSDEEP
  
  24576:FAHnh+eWsN3skA4RV1Hom2KXMmHakjr3rmhkjknnL5:0h+ZkldoPK8YakvqhkjkN
Score

10^/10

formbook se63 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2