formbook

General

Target

608b3c7d4092ba03e8393c5b6102cc34_JaffaCakes118
Size

688KB
Sample

240520-w2ppyacg6s
MD5

608b3c7d4092ba03e8393c5b6102cc34
SHA1

5f81869f67b5376317e496447431cc0e1924f2f9
SHA256

75126a9e47774b66c23d7bee87c4b1fdb2be6abc37b28d65eb842324956cd8f5
SHA512

ebc34a35436ca07ac3687d1841946a7ffc4e3556cfe498f5d9ef6ac410cfab82e49c77ba94d03f364934f136660b6db0a5788563da8c0ebf1170c853800f3725
SSDEEP

12288:SIfeAaArx2xis71SNHHF9VDc7/PXJ93zsWmNSZk:H93Gi1FjsXJ934dNSZ

Score

10^/10

formbook l5 rat spyware stealer trojan upx

Malware Config

Extracted

Family

formbook

Version

3.8

Campaign

l5

Decoy

riverchaseapts.net

0430pe.com

nbgift.net

ehkhwn.win

immatthall.com

fkslc.info

breakthroughmediadon.com

eatorganic.life

okcitytowing.com

egaodomain.com

krenbc.com

lavi.ltd

sport-score.com

romskicentar.com

junkyard.design

xn--55q83b758aihq.com

phonerepairlocal.com

5656868.com

1s7onework.men

elizabethreidinteriordesign.com

Targets

- Target
  
  608b3c7d4092ba03e8393c5b6102cc34_JaffaCakes118
- Size
  
  688KB
- MD5
  
  608b3c7d4092ba03e8393c5b6102cc34
- SHA1
  
  5f81869f67b5376317e496447431cc0e1924f2f9
- SHA256
  
  75126a9e47774b66c23d7bee87c4b1fdb2be6abc37b28d65eb842324956cd8f5
- SHA512
  
  ebc34a35436ca07ac3687d1841946a7ffc4e3556cfe498f5d9ef6ac410cfab82e49c77ba94d03f364934f136660b6db0a5788563da8c0ebf1170c853800f3725
- SSDEEP
  
  12288:SIfeAaArx2xis71SNHHF9VDc7/PXJ93zsWmNSZk:H93Gi1FjsXJ934dNSZ
Score

10^/10

formbook l5 rat spyware stealer trojan upx
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

UPX packed file

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2