formbook

General

Target

b58f5c667e17dfc7676ab4ad6486d4b7.bin
Size

2.4MB
Sample

240601-dlsgsagd55
MD5

1a96e7de8f6e1bd097b679a76408d0aa
SHA1

f8a948fd82ac21f974c37e82a1eca57d05e5250c
SHA256

0a1fb54ad7b9366c9a754183ba0602bb75203db87227a75d85ac347d0c6b6818
SHA512

eb4a76d0c8d46dc24f43e6c060c447e3710d1194bd5fea23453acead5329fe0b453283e17e670baa7928cb9facfe25096ad098e88637b48f591cceb2e5e701c0
SSDEEP

49152:V+rIPlDyCejFx0hnhy736ZjWdH10YYPzMU4NrzMzqkvr6jVB7:VqAHhftWUP541IO9jVB7

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

fa27

Decoy

allconseil.com

3-k.top

practical-prototyping.com

kipoxz.xyz

dental-implants-66586.bond

cyphernft.com

nicolemariani.com

suacuasattannoi.com

2023woaidianying8.com

ballerhaul.com

pintobeansnutrition.com

shelving-solution.com

reuralnenworknou.net

childrenscottageschool.com

tekkist.com

dogostrength.com

phoenixstudy.net

emoxos.top

8898892dh1.online

esounsoaps.com

Targets

- Target
  
  ca285d2b340f7cdc2b495675775d0769decadda571c3858201d9ee44298ede3e.exe
- Size
  
  2.7MB
- MD5
  
  b58f5c667e17dfc7676ab4ad6486d4b7
- SHA1
  
  74f1d9439717967e1ed6609fdd6147d7d2ee322b
- SHA256
  
  ca285d2b340f7cdc2b495675775d0769decadda571c3858201d9ee44298ede3e
- SHA512
  
  92c742c52e3b8db34db60a9a4c79efd54dc8de75503ca3d1cf50eb47dc2a0b0244f20d3683d475dba6ad104c77dbbd1138d05a6b42370023a19463f68b014b49
- SSDEEP
  
  49152:f58v2DM9t0AQc0HMvSUwKqLZWtUcvfS3e1C/lyuQCSqqHsJ2XWg7/:fWv2M9t0An0mi9veIlyYma2Xn7/
Score

10^/10

formbook fa27 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2