formbook

General

Target

6400dce0bcaa984502231c1a8ca4bcdd_JaffaCakes118
Size

536KB
Sample

240521-t7h38sbh97
MD5

6400dce0bcaa984502231c1a8ca4bcdd
SHA1

c9961928d0c2cec15cc762e0e384c8d22889cc9f
SHA256

0f1d8850800e71e21ea5b4cf6368ff5aafd1bd9cd0b5280388767a27e04b3d80
SHA512

c1dcf5124286b2e12e9be5b538c02ada49e3a4dda434c082fb503b618d1c9dac401f7cc24df2b72c6847a4dd791193c39b48c88a2f7123317c84387d11ab2394
SSDEEP

6144:zk0N1y0dq91FBQSeEke3SIs7pZpXEuV/bF7aS7/WTrYBRk:zk0Nk91rrh8ZpXr9B7P700BRk

Score

10^/10

formbook js rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

js

Decoy

invisibleladder.com

kidswaronwaste.com

simonmillers.com

samincraft.com

cranesworld.com

nvagencia.com

descargapp.info

paidconsumersurveys.net

carnivalofsong.com

htours.net

odytjm.tech

nationalimmobilier.com

fbbhrk.info

aaabbb.xyz

jbnkgame2.info

dma777.com

shpzjr.com

dakarrepuestos.com

kaibo.info

theopulentco.com

Targets

- Target
  
  6400dce0bcaa984502231c1a8ca4bcdd_JaffaCakes118
- Size
  
  536KB
- MD5
  
  6400dce0bcaa984502231c1a8ca4bcdd
- SHA1
  
  c9961928d0c2cec15cc762e0e384c8d22889cc9f
- SHA256
  
  0f1d8850800e71e21ea5b4cf6368ff5aafd1bd9cd0b5280388767a27e04b3d80
- SHA512
  
  c1dcf5124286b2e12e9be5b538c02ada49e3a4dda434c082fb503b618d1c9dac401f7cc24df2b72c6847a4dd791193c39b48c88a2f7123317c84387d11ab2394
- SSDEEP
  
  6144:zk0N1y0dq91FBQSeEke3SIs7pZpXEuV/bF7aS7/WTrYBRk:zk0Nk91rrh8ZpXr9B7P700BRk
Score

10^/10

formbook js rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2