formbook

General

Target

Details of Your Etisalat Summary Bill for the Month of May 2024.exe
Size

1.0MB
Sample

240528-qcmldsee61
MD5

aa15c6bc55041b534268e0a07c5f0abc
SHA1

0b73953d2ea38ba9e4a996f96eb4426da818b854
SHA256

87f7f23776e3b70ce5a9f4095028edf855402cee27433be2b7d65c513cf25235
SHA512

8de557cfd9cb756fedb7dbe3880dcbd397405b6c3f7802f25010cb9d1bf775309ebd6165253ba7028b7c192a90d741555ac4b55814db4ad25cb054ae97a4f9bf
SSDEEP

24576:rAHnh+eWsN3skA4RV1Hom2KXMmHaWSLwh47/N5:Gh+ZkldoPK8YaWSV/

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

da29

Decoy

kas-travel.com

hy1618.net

biosrch.com

sharvellestudio.com

56416.ooo

953700958.com

500051.com

clic.coach

veriosg.xyz

aptsafety.com

cucinaconestilo.com

sercettopper.com

diycoldplungetub.com

hostingopinion.com

mediatechnologysolutions.com

nodogwifnohat.com

ethpiee.com

tragaperrasbares.com

bbbcf.top

jtxu6.top

Targets

- Target
  
  Details of Your Etisalat Summary Bill for the Month of May 2024.exe
- Size
  
  1.0MB
- MD5
  
  aa15c6bc55041b534268e0a07c5f0abc
- SHA1
  
  0b73953d2ea38ba9e4a996f96eb4426da818b854
- SHA256
  
  87f7f23776e3b70ce5a9f4095028edf855402cee27433be2b7d65c513cf25235
- SHA512
  
  8de557cfd9cb756fedb7dbe3880dcbd397405b6c3f7802f25010cb9d1bf775309ebd6165253ba7028b7c192a90d741555ac4b55814db4ad25cb054ae97a4f9bf
- SSDEEP
  
  24576:rAHnh+eWsN3skA4RV1Hom2KXMmHaWSLwh47/N5:Gh+ZkldoPK8YaWSV/
Score

10^/10

formbook da29 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2