formbook

General

Target

ca285d2b340f7cdc2b495675775d0769decadda571c3858201d9ee44298ede3e.exe
Size

2.7MB
Sample

240531-b1yw1abd86
MD5

b58f5c667e17dfc7676ab4ad6486d4b7
SHA1

74f1d9439717967e1ed6609fdd6147d7d2ee322b
SHA256

ca285d2b340f7cdc2b495675775d0769decadda571c3858201d9ee44298ede3e
SHA512

92c742c52e3b8db34db60a9a4c79efd54dc8de75503ca3d1cf50eb47dc2a0b0244f20d3683d475dba6ad104c77dbbd1138d05a6b42370023a19463f68b014b49
SSDEEP

49152:f58v2DM9t0AQc0HMvSUwKqLZWtUcvfS3e1C/lyuQCSqqHsJ2XWg7/:fWv2M9t0An0mi9veIlyYma2Xn7/

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

fa27

Decoy

allconseil.com

3-k.top

practical-prototyping.com

kipoxz.xyz

dental-implants-66586.bond

cyphernft.com

nicolemariani.com

suacuasattannoi.com

2023woaidianying8.com

ballerhaul.com

pintobeansnutrition.com

shelving-solution.com

reuralnenworknou.net

childrenscottageschool.com

tekkist.com

dogostrength.com

phoenixstudy.net

emoxos.top

8898892dh1.online

esounsoaps.com

Targets

- Target
  
  ca285d2b340f7cdc2b495675775d0769decadda571c3858201d9ee44298ede3e.exe
- Size
  
  2.7MB
- MD5
  
  b58f5c667e17dfc7676ab4ad6486d4b7
- SHA1
  
  74f1d9439717967e1ed6609fdd6147d7d2ee322b
- SHA256
  
  ca285d2b340f7cdc2b495675775d0769decadda571c3858201d9ee44298ede3e
- SHA512
  
  92c742c52e3b8db34db60a9a4c79efd54dc8de75503ca3d1cf50eb47dc2a0b0244f20d3683d475dba6ad104c77dbbd1138d05a6b42370023a19463f68b014b49
- SSDEEP
  
  49152:f58v2DM9t0AQc0HMvSUwKqLZWtUcvfS3e1C/lyuQCSqqHsJ2XWg7/:fWv2M9t0An0mi9veIlyYma2Xn7/
Score

10^/10

formbook fa27 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2