formbook

General

Target

8490814de7e8c28c7bd10ff26417fbe0_NeikiAnalytics.exe
Size

1.0MB
Sample

240525-mypfbsea31
MD5

8490814de7e8c28c7bd10ff26417fbe0
SHA1

e16da889e40e3e99603890344b261ae1dc24a846
SHA256

e61197136373c59dcb8d919ee6504fc0200718bb27a2fd39333af0f6ef73cf09
SHA512

61b30dff356e8ced6e118223d4c5fe5f16202f4adf837a57732a357d3c24ba4bf3781937bd27c03400c780a7d09abfac5df998f6294cc5cfb4f94d4b3d45d1cd
SSDEEP

24576:sAHnh+eWsN3skA4RV1Hom2KXMmHaizL/VwM4CPb2x5:Lh+ZkldoPK8YaiP2MFI

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

es13

Decoy

xn--p5tz1dc38d1tj.com

letszum.co

16475.autos

eat.company

ruletka-no-zero.store

mizj1yg0.shop

sxyaddhlmk.top

wlgj6789.cc

mammamiacookbook.com

sunart.tech

dutajp.co

odty58.app

newparentssupport.com

p2pprofitarbitrage.com

yeqzik.xyz

ncheikta.website

golfwick.com

premiumproducts.co.in

gemeinde-warringholz.com

bancamarch-web-avisos.com

Targets

- Target
  
  8490814de7e8c28c7bd10ff26417fbe0_NeikiAnalytics.exe
- Size
  
  1.0MB
- MD5
  
  8490814de7e8c28c7bd10ff26417fbe0
- SHA1
  
  e16da889e40e3e99603890344b261ae1dc24a846
- SHA256
  
  e61197136373c59dcb8d919ee6504fc0200718bb27a2fd39333af0f6ef73cf09
- SHA512
  
  61b30dff356e8ced6e118223d4c5fe5f16202f4adf837a57732a357d3c24ba4bf3781937bd27c03400c780a7d09abfac5df998f6294cc5cfb4f94d4b3d45d1cd
- SSDEEP
  
  24576:sAHnh+eWsN3skA4RV1Hom2KXMmHaizL/VwM4CPb2x5:Lh+ZkldoPK8YaiP2MFI
Score

10^/10

formbook es13 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2