formbook

General

Target

0a2fd69926acfa1ba2386418c1c17329_JaffaCakes118
Size

439KB
Sample

240430-vt7p4sdd62
MD5

0a2fd69926acfa1ba2386418c1c17329
SHA1

5355ac110d047c1a52abd2eec537ac4e44195626
SHA256

9dbb63b6910aa93bdc75f3c9916d5a23c77f63260140c4d07b7a7bfd1497e8f9
SHA512

5285ebd324ef676b5f61e8fd781008328bf275d16a7e012170f6966edeec3191a33ae09070f0b6ba793b9f8a73de51880a7394eff167cb7a930d603d293af609
SSDEEP

12288:2inGLjeFI06zUshKDwV9arhTgxCPCb1JYXZ66Ju5F:MeFIZs078gxWCRJYoIgF

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

b4630

Decoy

touchlessfund.com

tokenizemortgage.com

suninfosystem.net

eugeneskeef.com

comprindoameta.com

simonhousecopake.com

mastergrannyflats.net

hocahanim-dogalurunler.com

skoolsoftware.com

remoteittrainer.com

digitalchurchchallenge.com

poslenastishina.com

officialamandacoppotelli.com

nomadadventuretours.com

prayforlouisiana.com

prochain.finance

heroesrisingtocurecancer.com

caresalt.com

vizslatshirt.com

defengineer.com

Targets

- Target
  
  0a2fd69926acfa1ba2386418c1c17329_JaffaCakes118
- Size
  
  439KB
- MD5
  
  0a2fd69926acfa1ba2386418c1c17329
- SHA1
  
  5355ac110d047c1a52abd2eec537ac4e44195626
- SHA256
  
  9dbb63b6910aa93bdc75f3c9916d5a23c77f63260140c4d07b7a7bfd1497e8f9
- SHA512
  
  5285ebd324ef676b5f61e8fd781008328bf275d16a7e012170f6966edeec3191a33ae09070f0b6ba793b9f8a73de51880a7394eff167cb7a930d603d293af609
- SSDEEP
  
  12288:2inGLjeFI06zUshKDwV9arhTgxCPCb1JYXZ66Ju5F:MeFIZs078gxWCRJYoIgF
Score

10^/10

formbook b4630 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2