formbook

General

Target

51507a0c76ccc002ad56782192d5257a_JaffaCakes118
Size

1.2MB
Sample

240517-y37y1shc56
MD5

51507a0c76ccc002ad56782192d5257a
SHA1

bd38cc47586688595625f85f6a09e48a2c06287c
SHA256

8c7a53c895aa1223a5dfde8ead365d9cbb4e8b868e81fbe9c52c3d203c5e1dba
SHA512

60d01558d5cb56cdd39a27d6f1dde3860fd51932cad1ca453194863cb25626d90f6ee0602efc900d55ead28a16d9130716a6605cb55d579ad1ae0f847960a354
SSDEEP

24576:6tb20pkaCqT5TBWgNQ7aGnTSxiQyCNOnck6A:nVg5tQ7aGSiQyC65

Score

10^/10

formbook di rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.8

Campaign

di

Decoy

baoxiaofan.com

bestwaycartage.com

sag-architecture.com

salamcanteen.com

clinicalpsychologistkerala.com

mttv222.com

theweproject.com

fybbracelets.net

vv666h.com

bangfupin.com

arkprojetos.com

realgoaldigger.com

pilotedphotography.com

6zonxm55.biz

gaoduanmi.com

aminahmad.com

bountymarketing.net

christopher-rennebach.com

02xjys.faith

estilomiau.com

Targets

- Target
  
  51507a0c76ccc002ad56782192d5257a_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  51507a0c76ccc002ad56782192d5257a
- SHA1
  
  bd38cc47586688595625f85f6a09e48a2c06287c
- SHA256
  
  8c7a53c895aa1223a5dfde8ead365d9cbb4e8b868e81fbe9c52c3d203c5e1dba
- SHA512
  
  60d01558d5cb56cdd39a27d6f1dde3860fd51932cad1ca453194863cb25626d90f6ee0602efc900d55ead28a16d9130716a6605cb55d579ad1ae0f847960a354
- SSDEEP
  
  24576:6tb20pkaCqT5TBWgNQ7aGnTSxiQyCNOnck6A:nVg5tQ7aGSiQyC65
Score

10^/10

formbook di rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2