formbook

General

Target

5ac0c92372850980aa91d04754ece1f1_JaffaCakes118
Size

229KB
Sample

240519-wx4nasbc61
MD5

5ac0c92372850980aa91d04754ece1f1
SHA1

36e35bf4f7e1881a520c03a85ce0a01176313c00
SHA256

640954d4ebc38cbeb5902ca26620dd8707fcde08afb4a03c58085a3c8f46abc8
SHA512

c135a6bc82c4ef9016a7923a308d7b0482ac542b769d52c919e5e57121a3bef5ad49d5361a20d3ee2d8d234bd61dadc9b611a7cff85fd0dcd311297c6c7f80ca
SSDEEP

3072:hArak7/olcUdP2QLiFLGFfP6FpWifj2EslWhX0L2EtzCy8em1EU23LWa3GpKq9qz:2BAHLmiNXirpXAH+H1+3LWzB9

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

upah

Decoy

ulwsh.com

sba80.com

mariodiasmusic.com

tedxuoftmississauga.com

fashionstylerpro.com

texasnavybrazoriacounty.com

pm917fip.biz

crmmigration.com

yupfn.info

thoughtfulmen.com

hdtongshijie.com

lpsmalabanan.com

hermes-gtd.com

thomasgharvey.com

reclamevis.com

realmomvlogs.com

frtbsq.men

klintagarden.com

greatvapeco.com

etnastrategies.info

Targets

- Target
  
  5ac0c92372850980aa91d04754ece1f1_JaffaCakes118
- Size
  
  229KB
- MD5
  
  5ac0c92372850980aa91d04754ece1f1
- SHA1
  
  36e35bf4f7e1881a520c03a85ce0a01176313c00
- SHA256
  
  640954d4ebc38cbeb5902ca26620dd8707fcde08afb4a03c58085a3c8f46abc8
- SHA512
  
  c135a6bc82c4ef9016a7923a308d7b0482ac542b769d52c919e5e57121a3bef5ad49d5361a20d3ee2d8d234bd61dadc9b611a7cff85fd0dcd311297c6c7f80ca
- SSDEEP
  
  3072:hArak7/olcUdP2QLiFLGFfP6FpWifj2EslWhX0L2EtzCy8em1EU23LWa3GpKq9qz:2BAHLmiNXirpXAH+H1+3LWzB9
Score

10^/10

formbook upah rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2