formbook

General

Target

640697fb17bca815e114b38b305124aa_JaffaCakes118
Size

400KB
Sample

240521-vbk4dscc4v
MD5

640697fb17bca815e114b38b305124aa
SHA1

69fecc45676a3913b2a58b7017bfb6a284bfe3a0
SHA256

f78e509ec3ba4a6a2391ef33aa6d6bd82071bf4993f9527ad0b3c599bed5ea7f
SHA512

a97b5fb1b8d7508033caf94c09adf7f06a12a6e127f9737cb6f819c6b32fbf590d091bca035ee3d3a0e452bffe447c50038876e66f86dc34739f39414b71d21f
SSDEEP

12288:r3OdHilEQrfuPbhv/MNLwl+8L41u1EEDv:rgClEufi8NLwl+8k

Score

10^/10

formbook ko rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.8

Campaign

ko

Decoy

html5zone.com

kennet.cloud

yakaoren.com

bestgirlswonderfulvideo.site

ramurho.com

jinkugw.com

dehraduncoachingacademy.com

lfheater.com

ungzwt.men

aliqiutian.com

lansvallarta.com

morrisimage.win

doppledecker.com

serpaca.com

inversebuy.com

businesalue.com

lotustvhouston.net

dipa.ltd

adscreate.business

xn--3ds50hcyhf6z.com

Targets

- Target
  
  640697fb17bca815e114b38b305124aa_JaffaCakes118
- Size
  
  400KB
- MD5
  
  640697fb17bca815e114b38b305124aa
- SHA1
  
  69fecc45676a3913b2a58b7017bfb6a284bfe3a0
- SHA256
  
  f78e509ec3ba4a6a2391ef33aa6d6bd82071bf4993f9527ad0b3c599bed5ea7f
- SHA512
  
  a97b5fb1b8d7508033caf94c09adf7f06a12a6e127f9737cb6f819c6b32fbf590d091bca035ee3d3a0e452bffe447c50038876e66f86dc34739f39414b71d21f
- SSDEEP
  
  12288:r3OdHilEQrfuPbhv/MNLwl+8L41u1EEDv:rgClEufi8NLwl+8k
Score

10^/10

formbook ko rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2