formbook

General

Target

52f54fe5e0f4d2bc7adfc07fc0c0860d_JaffaCakes118
Size

424KB
Sample

240518-enpz4sbb8x
MD5

52f54fe5e0f4d2bc7adfc07fc0c0860d
SHA1

e873d9f6c358dc682f2b890380f03dca4b0be400
SHA256

5ce56486be6ad1352ece4027303b0c1030fa1335f277f5fc415c5a6af2739d97
SHA512

c0adee030339807cb2fc2d40a490cb91bff41ccda8075de2090f4bbb243b564205d423852260a161840e349a1ad0211e62668ab7f7d32e9c4648bed988661c50
SSDEEP

6144:Itr7VDGsdiupZhVocOKG8psOoWd9fhEtJ0ZWNz2kgKyHYeyvOOROp8/:UJpfVxIO19pEEZWNz2kgKy4LOORO8

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

4kx

Decoy

eufood.info

theprotestmatters.com

khauchakhajina.com

008usa-xxf.com

backriverroadsportsplex.com

shopalndrinks.com

necght.xyz

summaryborrow.info

mys518.com

shopapemodeapparel.com

christineroseartiste.com

rsw2226.com

ashes-of-creation.com

shamilalyadin.com

learning-synergy.com

sendstats.net

waverdemo.tech

dubestol.com

bolterbunny.com

beerciderrebattes.com

Targets

- Target
  
  52f54fe5e0f4d2bc7adfc07fc0c0860d_JaffaCakes118
- Size
  
  424KB
- MD5
  
  52f54fe5e0f4d2bc7adfc07fc0c0860d
- SHA1
  
  e873d9f6c358dc682f2b890380f03dca4b0be400
- SHA256
  
  5ce56486be6ad1352ece4027303b0c1030fa1335f277f5fc415c5a6af2739d97
- SHA512
  
  c0adee030339807cb2fc2d40a490cb91bff41ccda8075de2090f4bbb243b564205d423852260a161840e349a1ad0211e62668ab7f7d32e9c4648bed988661c50
- SSDEEP
  
  6144:Itr7VDGsdiupZhVocOKG8psOoWd9fhEtJ0ZWNz2kgKyHYeyvOOROp8/:UJpfVxIO19pEEZWNz2kgKy4LOORO8
Score

10^/10

formbook 4kx rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2