formbook

General

Target

108156ae3609706003c6cefd6335c554_JaffaCakes118
Size

368KB
Sample

240503-pjadzagc36
MD5

108156ae3609706003c6cefd6335c554
SHA1

9ad9e65ee4407162beb14eb33859ffc77451e7fb
SHA256

535d92c4a194c64723fdf9b7279f033085c0861d93b9f43747320759fd172afc
SHA512

72ec03a163d291c9fc8e73689e63e0b55aa78d2c97e83b2187d581592d09a7ab361004ce72ee9a8792dee6c36a4a6ffda80391106afc2a1e7733653f813b247f
SSDEEP

3072:aFFyrH+tfkhzjvRYkYjvnNfugsIN23+q7cuZv2kjgyoWOuClDfujpITpVxzApTld:aiHGIRYtvZughqLFeuwi0pVaY

Score

10^/10

formbook jc rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

jc

Decoy

petfashionvalley.com

sisermexico.com

mycityneighbors.com

trojanerhilfe.com

2012mi.com

bitcoinkeith.com

integracube.com

portalgnu.com

xingcaiyule2.com

saasgroceries.com

groupulljimzasac.com

sscfz.win

microauditoria.com

grandijen.com

beautiebootik.com

trb899.com

autobittrex.com

greeksinbritain.com

flamingouno.com

agencecuivre.com

Targets

- Target
  
  108156ae3609706003c6cefd6335c554_JaffaCakes118
- Size
  
  368KB
- MD5
  
  108156ae3609706003c6cefd6335c554
- SHA1
  
  9ad9e65ee4407162beb14eb33859ffc77451e7fb
- SHA256
  
  535d92c4a194c64723fdf9b7279f033085c0861d93b9f43747320759fd172afc
- SHA512
  
  72ec03a163d291c9fc8e73689e63e0b55aa78d2c97e83b2187d581592d09a7ab361004ce72ee9a8792dee6c36a4a6ffda80391106afc2a1e7733653f813b247f
- SSDEEP
  
  3072:aFFyrH+tfkhzjvRYkYjvnNfugsIN23+q7cuZv2kjgyoWOuClDfujpITpVxzApTld:aiHGIRYtvZughqLFeuwi0pVaY
Score

10^/10

formbook jc rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2