formbook

General

Target

a8b9b23727967d35a0d7361770701e65a060ee3363c099fb8b62128964f30ccf.exe
Size

1.0MB
Sample

240517-e8jntshg52
MD5

1f42a2a76639b3f3c3712f1860cfee2f
SHA1

1d4ad6125049ccd8e1d1b4579fae18937e973b41
SHA256

a8b9b23727967d35a0d7361770701e65a060ee3363c099fb8b62128964f30ccf
SHA512

9fa4504632872a19b12e446661ed729c1ef3d79cc2fa9b713fd275d333514cca4e0cdf35c02524813e79e8f3c8f151f00c331b34fec122315aa3d566601000a9
SSDEEP

24576:zAHnh+eWsN3skA4RV1Hom2KXMmHarzYMesDMu5:+h+ZkldoPK8YarsS1

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

se62

Decoy

wkb41961shv.com

bdsxm.com

renovationslandscaping.info

qhsmgysm.com

fetbody.com

injured444.live

teensfeel.us

zi59wp1h.com

dfrtrucking.com

16milevet.com

patternzi.com

homeinsectcontrolpros.com

alcosa-peru.com

rmicompletesolutions.co.za

nnhealthhk.com

fitversus.com

hgxaf155.com

hizlitakibin.com

kjhwbk.top

gokarpemed.com

Targets

- Target
  
  a8b9b23727967d35a0d7361770701e65a060ee3363c099fb8b62128964f30ccf.exe
- Size
  
  1.0MB
- MD5
  
  1f42a2a76639b3f3c3712f1860cfee2f
- SHA1
  
  1d4ad6125049ccd8e1d1b4579fae18937e973b41
- SHA256
  
  a8b9b23727967d35a0d7361770701e65a060ee3363c099fb8b62128964f30ccf
- SHA512
  
  9fa4504632872a19b12e446661ed729c1ef3d79cc2fa9b713fd275d333514cca4e0cdf35c02524813e79e8f3c8f151f00c331b34fec122315aa3d566601000a9
- SSDEEP
  
  24576:zAHnh+eWsN3skA4RV1Hom2KXMmHarzYMesDMu5:+h+ZkldoPK8YarsS1
Score

10^/10

formbook se62 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2