formbook

General

Target

639066f415f7a4dc58e1890975e9fcc5_JaffaCakes118
Size

564KB
Sample

240521-rgexsagf46
MD5

639066f415f7a4dc58e1890975e9fcc5
SHA1

b97a2f3afbf5b09e155cd99d035cf6f2e3f347f2
SHA256

9bac39b4b986f2f96008c4c6c05cf72ddc6398d99d874525058b654b52cfd64d
SHA512

7d671232f99178c708ba3cb47e93e14046bbd9ec5a27942156ec07d2911be9b4f43cd56b9a2d2eb8cb71e3f7c25d6ebfbeab4ab15ae7501cf368aee06c00f38e
SSDEEP

12288:Rb3RoudOSY3hsmJ6LQ3j2rBFr55AoOiMsos1kubd:Rb3RrdOSKRJ6LQ3j2NFrTHZNJbd

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

i01

Decoy

viagensbaratasonline.com

lacuevaelmirlo.net

genevaly.com

analpornolariizle.com

rupee.network

pay69645.com

superhsr.com

foammemorymattress.com

jolded.com

bbb684.com

diabetessimplesweet.com

bybeast.com

keut.world

xxjj10.com

youde-88.com

highkickproductions.com

beijingzhjy.com

partnership-aid.com

sehorecollegesehore.com

wangluopay.com

Targets

- Target
  
  639066f415f7a4dc58e1890975e9fcc5_JaffaCakes118
- Size
  
  564KB
- MD5
  
  639066f415f7a4dc58e1890975e9fcc5
- SHA1
  
  b97a2f3afbf5b09e155cd99d035cf6f2e3f347f2
- SHA256
  
  9bac39b4b986f2f96008c4c6c05cf72ddc6398d99d874525058b654b52cfd64d
- SHA512
  
  7d671232f99178c708ba3cb47e93e14046bbd9ec5a27942156ec07d2911be9b4f43cd56b9a2d2eb8cb71e3f7c25d6ebfbeab4ab15ae7501cf368aee06c00f38e
- SSDEEP
  
  12288:Rb3RoudOSY3hsmJ6LQ3j2rBFr55AoOiMsos1kubd:Rb3RrdOSKRJ6LQ3j2NFrTHZNJbd
Score

10^/10

formbook i01 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2