formbook

General

Target

c0126f29188353d5cc569ac4c7430b15aecebf14a60dd9dcac498fd3dc299e0d
Size

591KB
Sample

240525-dc3amaca6t
MD5

3e9ed562d7396b0cf40e2eef56bfb08e
SHA1

6438ac88a4e0f722318e80bf5077489c8af64a91
SHA256

c0126f29188353d5cc569ac4c7430b15aecebf14a60dd9dcac498fd3dc299e0d
SHA512

2be71dcf1613979e2bca74401533b80995effc9d90c0d84b1b491f92d3d8f2065f0bb2632165918fd91ff3ec0f58ea74fdf1ecbe99d553f97021b6cec86546c6
SSDEEP

12288:vI361h61EWGiSOEMDy83Q2G2h0AQY06NuROqnEcptjOOhnLMIjq0wrVA61:vtY7GiSOEMDy8g2k+06BqVpJfPwrz

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

fs35

Decoy

latechdz.com

sdp-ploce.com

ss203.site

sm6yuy.net

needstothink.com

heginstwp.com

blueplumespirit.com

vemconferirshop.click

yorent-auto.com

eleononaly.com

medicalspacelocators.com

7law.info

imacanberra.online

bbtyss.top

onlyanfans.com

varenty.com

fappies.shop

313865.com

hongpools.com

babkacuisine.xyz

Targets

- Target
  
  c0126f29188353d5cc569ac4c7430b15aecebf14a60dd9dcac498fd3dc299e0d
- Size
  
  591KB
- MD5
  
  3e9ed562d7396b0cf40e2eef56bfb08e
- SHA1
  
  6438ac88a4e0f722318e80bf5077489c8af64a91
- SHA256
  
  c0126f29188353d5cc569ac4c7430b15aecebf14a60dd9dcac498fd3dc299e0d
- SHA512
  
  2be71dcf1613979e2bca74401533b80995effc9d90c0d84b1b491f92d3d8f2065f0bb2632165918fd91ff3ec0f58ea74fdf1ecbe99d553f97021b6cec86546c6
- SSDEEP
  
  12288:vI361h61EWGiSOEMDy83Q2G2h0AQY06NuROqnEcptjOOhnLMIjq0wrVA61:vtY7GiSOEMDy8g2k+06BqVpJfPwrz
Score

10^/10

formbook fs35 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2