formbook

General

Target

961d58926f56dda9c20f87e4ae2d106e_JaffaCakes118
Size

320KB
Sample

240604-yy9baaag43
MD5

961d58926f56dda9c20f87e4ae2d106e
SHA1

be7a9a7cf80f1d510ae05294168fbe7461a68366
SHA256

d544ec91e8b5894d6ba4fd625dd5fcc0ccf8e1fe452bcf136aee6bf82450b29a
SHA512

fb2d74880be3a4d1762f7dbd27931e34afa4d27568ef364c4b4f8827bc209e2da73141bb4f56bbdccddfa85cfe87ecef266d740daa9e9064ffea5245ed8b6591
SSDEEP

6144:WjjJzPiV3Pqh2RgyCKox05AUFbTZCHo6zm1:WPR6RAa/75Am4oam1

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

3.8

Campaign

ch71

Decoy

mediosonlinepanama.net

jovpyt.com

shthlw.com

bridgebiosciences.com

showmychild.com

arnaif.com

eps-inc.info

tv16698.info

epromingenieria.com

toptimiza.com

pyjhf.info

websitemerchantaccounts.com

topereaders.com

ushempalliance.com

riley-eng.com

certificatdeverre.com

jmekmall.com

theinceptionprojects.news

chris392.com

www8406w.com

Targets

- Target
  
  961d58926f56dda9c20f87e4ae2d106e_JaffaCakes118
- Size
  
  320KB
- MD5
  
  961d58926f56dda9c20f87e4ae2d106e
- SHA1
  
  be7a9a7cf80f1d510ae05294168fbe7461a68366
- SHA256
  
  d544ec91e8b5894d6ba4fd625dd5fcc0ccf8e1fe452bcf136aee6bf82450b29a
- SHA512
  
  fb2d74880be3a4d1762f7dbd27931e34afa4d27568ef364c4b4f8827bc209e2da73141bb4f56bbdccddfa85cfe87ecef266d740daa9e9064ffea5245ed8b6591
- SSDEEP
  
  6144:WjjJzPiV3Pqh2RgyCKox05AUFbTZCHo6zm1:WPR6RAa/75Am4oam1
Score

10^/10

formbook ch71 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2