formbook

General

Target

9848ed6b330af66b3d4cc6178aed0886_JaffaCakes118
Size

801KB
Sample

240605-qvdq7sgf7x
MD5

9848ed6b330af66b3d4cc6178aed0886
SHA1

23a9b11a4c4fd868ef61e4243f684bc6ed99f799
SHA256

7d32a825867aa32e3b0bd84bbc59c7e9c6bd2aff57c0f233918f810cf8e0d7a7
SHA512

bfc90cc7f27b8949ee0341036cf853cb60331426eaa560da8504ffa97e0477c07a7ca5f459ca3994087fc2585a67ac93a93a3ccfeb4ece9e1cc5ad31bd08f969
SSDEEP

6144:Am3hioQ4wrKNdniADS4qiawVSxypCOv8XmTjkLm8nfsxF7wjimxWhcJvJwbZz:5RiOwrGdLzqqVS282vkLnfOOimc1bZ

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

3.8

Campaign

dg1

Decoy

pilatesmania.life

5bcoin.com

ammowillcall.com

quickwinz.market

terigele.com

sohotoken.com

tielingwww.site

lz2b3.info

norisc.com

digitalkonsultan.com

925manbetx.com

laricipark.com

quantum7nutrition.com

xceedcg.com

hanagel.com

cane91.download

iotadocker.com

brackenupholstery.com

erfolg-sichern.online

bihuorg.com

Targets

- Target
  
  9848ed6b330af66b3d4cc6178aed0886_JaffaCakes118
- Size
  
  801KB
- MD5
  
  9848ed6b330af66b3d4cc6178aed0886
- SHA1
  
  23a9b11a4c4fd868ef61e4243f684bc6ed99f799
- SHA256
  
  7d32a825867aa32e3b0bd84bbc59c7e9c6bd2aff57c0f233918f810cf8e0d7a7
- SHA512
  
  bfc90cc7f27b8949ee0341036cf853cb60331426eaa560da8504ffa97e0477c07a7ca5f459ca3994087fc2585a67ac93a93a3ccfeb4ece9e1cc5ad31bd08f969
- SSDEEP
  
  6144:Am3hioQ4wrKNdniADS4qiawVSxypCOv8XmTjkLm8nfsxF7wjimxWhcJvJwbZz:5RiOwrGdLzqqVS282vkLnfOOimc1bZ
Score

10^/10

formbook dg1 agilenet rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Obfuscated with Agile.Net obfuscator

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2