formbook

General

Target

735e84ac1205e9dd7816c85f7706afb4_JaffaCakes118
Size

733KB
Sample

240525-1rymbacc86
MD5

735e84ac1205e9dd7816c85f7706afb4
SHA1

2894b5d49235df4845f15477d835c9b78ec08e72
SHA256

dd97d41dbcea146c66d6a62f152d2b86bd60122b920d17eb11c8d639d338c779
SHA512

f3b14d69d62ca59693f72369126c5419188a5f7f33f4d188f439021aff5b8f095593d9ab8a8867b17dfda0ef7eac80287451fee33882ffd460535642fdc46d99
SSDEEP

12288:lF8UUt63DaFFRTImFKqQg7O1W/5N6NspDeaYUEuE5:lTUt63DaFFYqOMRN6IDf7e

Score

10^/10

formbook ma rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.0

Campaign

ma

Decoy

painmedos.com

sp5ce.com

woldtv.com

zpc.ink

makrobet829.com

ar868.com

hakuneko.com

8-lab.info

test-gopalsep14.store

latiendaimportados.com

bakerysweetcheeks.com

nwklb9ze2p0.biz

startosizmir.com

sterilizedknqwp.download

rriivernyile.com

managementcover.site

beach.expert

huamzw.com

emojis3d.com

pissonagrave.com

Targets

- Target
  
  735e84ac1205e9dd7816c85f7706afb4_JaffaCakes118
- Size
  
  733KB
- MD5
  
  735e84ac1205e9dd7816c85f7706afb4
- SHA1
  
  2894b5d49235df4845f15477d835c9b78ec08e72
- SHA256
  
  dd97d41dbcea146c66d6a62f152d2b86bd60122b920d17eb11c8d639d338c779
- SHA512
  
  f3b14d69d62ca59693f72369126c5419188a5f7f33f4d188f439021aff5b8f095593d9ab8a8867b17dfda0ef7eac80287451fee33882ffd460535642fdc46d99
- SSDEEP
  
  12288:lF8UUt63DaFFRTImFKqQg7O1W/5N6NspDeaYUEuE5:lTUt63DaFFYqOMRN6IDf7e
Score

10^/10

formbook ma rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2