formbook

General

Target

MalwareBazaar.3
Size

1.1MB
Sample

240725-tgvz4syglp
MD5

e5834e14777d7df91dc61f75c796e07a
SHA1

1307720fcf7f9df9dc5d3f7393229b92f56b2480
SHA256

acf03676e5dd002d0dc94a2b50e83dda78d287ee9b07ad2c9659688310015820
SHA512

048b73353999a417d239f488743656dee95b0b3b8ed8a0c8adca5ba9474ffbc2d22223d51e4b852bf6bbb189ad3bb127ae59f2d062e8171f77b0223b4bca31cc
SSDEEP

24576:/qDEvCTbMWu7rQYlBQcBiT6rprG8aLHqGzPdlAx:/TvC/MTQYxsWR7aLHbzPD

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ty31

Decoy

jejakunik.com

inb319.com

jifsjn.buzz

gkyukon.site

43443.cfd

cogil69id.com

oeaog.com

lpgatm.com

mymarketsales.com

tomclk.icu

404417.online

nysconstruction.com

ourwisequote.com

ahsanadvisory.com

ottawaherps.com

forevermust.com

apartments-for-rent-47679.bond

kdasjijaksdd.icu

buthaynah.com

manggungjayakanopi.com

Targets

- Target
  
  MalwareBazaar.3
- Size
  
  1.1MB
- MD5
  
  e5834e14777d7df91dc61f75c796e07a
- SHA1
  
  1307720fcf7f9df9dc5d3f7393229b92f56b2480
- SHA256
  
  acf03676e5dd002d0dc94a2b50e83dda78d287ee9b07ad2c9659688310015820
- SHA512
  
  048b73353999a417d239f488743656dee95b0b3b8ed8a0c8adca5ba9474ffbc2d22223d51e4b852bf6bbb189ad3bb127ae59f2d062e8171f77b0223b4bca31cc
- SSDEEP
  
  24576:/qDEvCTbMWu7rQYlBQcBiT6rprG8aLHqGzPdlAx:/TvC/MTQYxsWR7aLHbzPD
Score

10^/10

formbook ty31 discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2