formbook

General

Target

d47cb61772024784a91b552885b4d0c9_JaffaCakes118
Size

825KB
Sample

240908-qx3hca1ekh
MD5

d47cb61772024784a91b552885b4d0c9
SHA1

9572f6651e59ea8474abbb5b6ea4fd32e1d19603
SHA256

f41ce77e4a64ef9beba0ef431bba14adc1f79e978aa93b70eeeef9873700f7ab
SHA512

b6f27ccd48005ab231b2ab65345a64a5fe610cc178fb488c4463e57aa01db4124b228279be2c9fb5306587450d62b1f994db0bb2d69b725986986f9730e29dec
SSDEEP

24576:mzWBFVAOs3mBOzqsYSltm1ruR3Wr6ZWIcY8DqSiI5rYNXPD:mSzVAOaV1+1k3A6YKrI58NXPD

Score

10^/10

formbook ch discovery rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

ch

Decoy

hfhsh.com

innerlightmemoirs.com

qinmingshengshi.net

kambansal.com

oodlsofart.com

eyesofmidfl.com

bjcjpme.com

trafficsiren.com

drinky.world

mamaesabetudo.com

dulcevitae.com

climatecrap.com

sparte7.com

senken.net

davidkullman.com

testerreviews.com

justjesusministries.com

happyhealthyou.fitness

askanauautoinsuranceok.live

confettiicouture.com

Targets

- Target
  
  d47cb61772024784a91b552885b4d0c9_JaffaCakes118
- Size
  
  825KB
- MD5
  
  d47cb61772024784a91b552885b4d0c9
- SHA1
  
  9572f6651e59ea8474abbb5b6ea4fd32e1d19603
- SHA256
  
  f41ce77e4a64ef9beba0ef431bba14adc1f79e978aa93b70eeeef9873700f7ab
- SHA512
  
  b6f27ccd48005ab231b2ab65345a64a5fe610cc178fb488c4463e57aa01db4124b228279be2c9fb5306587450d62b1f994db0bb2d69b725986986f9730e29dec
- SSDEEP
  
  24576:mzWBFVAOs3mBOzqsYSltm1ruR3Wr6ZWIcY8DqSiI5rYNXPD:mSzVAOaV1+1k3A6YKrI58NXPD
Score

10^/10

formbook ch discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2