formbook

General

Target

d7e1f067ee0b2d5556d1f7b1fdee8b0cf099ca3f45cf412d115440d79d76ebb1
Size

643KB
Sample

240519-dgb91aeh91
MD5

54c09b432ceed3439d758f235ac8ec1d
SHA1

c384270d0c1f59c48b36614c20d31d8591600bf1
SHA256

d7e1f067ee0b2d5556d1f7b1fdee8b0cf099ca3f45cf412d115440d79d76ebb1
SHA512

df0a62086926edaa2d011439cbee9e25c70440e847e0e21430caa419b79220ebbb613d43ec4a2dbc5d655571f556c8c6693b1e4d324b357f189519cb93d32cdb
SSDEEP

12288:7drLbDZaNRpA40Yo2W1ymtumaumtf+aqf+cx8GdMPhvla3i:pLDZMRpxlu8kumRmKMP+

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

sl07

Decoy

stryper.net

riseandvibetime.com

thebenmorley.com

kdfdq.com

pet4cus.com

agrosoft.farm

utopiagood.com

sanduskyspeedway.com

eldozz-quarter.top

weixuninvest.com

taxiboativano.net

odvip377.com

bubblegome.com

peakwealtharchitects.com

mondaytoyoulive.lat

huohullq.com

the-inferno-slots-casino.top

yy88abcd88yyy.xyz

azbenfica.com

hunectar.com

Targets

- Target
  
  d7e1f067ee0b2d5556d1f7b1fdee8b0cf099ca3f45cf412d115440d79d76ebb1
- Size
  
  643KB
- MD5
  
  54c09b432ceed3439d758f235ac8ec1d
- SHA1
  
  c384270d0c1f59c48b36614c20d31d8591600bf1
- SHA256
  
  d7e1f067ee0b2d5556d1f7b1fdee8b0cf099ca3f45cf412d115440d79d76ebb1
- SHA512
  
  df0a62086926edaa2d011439cbee9e25c70440e847e0e21430caa419b79220ebbb613d43ec4a2dbc5d655571f556c8c6693b1e4d324b357f189519cb93d32cdb
- SSDEEP
  
  12288:7drLbDZaNRpA40Yo2W1ymtumaumtf+aqf+cx8GdMPhvla3i:pLDZMRpxlu8kumRmKMP+
Score

10^/10

formbook sl07 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2