formbook | a2fe38f4db69af965d119f88994d02f96a3e8bd46a18de8ee7bc67369ace48eb | Triage

Resubmissions

03-10-2024 00:15

241003-aj61lsyakc 10

03-10-2024 00:03

241003-ab54catfqk 10

Sharing

General

Target

0d033a274941308ccc748e7f2ed7c88c_JaffaCakes118
Size

797KB
Sample

241003-aj61lsyakc
MD5

0d033a274941308ccc748e7f2ed7c88c
SHA1

7a165113237c3ca1d3286b18b4cf9b52a8aef149
SHA256

a2fe38f4db69af965d119f88994d02f96a3e8bd46a18de8ee7bc67369ace48eb
SHA512

315121092a8f503deba8b9fb29022973275a102cefef1a323e0e0f0a858e75bd705140a7365b4b371e4155f0562b9b4a9d3904ee40b15dae5212b737326a1574
SSDEEP

12288:M7eySa2hjw/CLyOLn8dag7OsPauFCc2EQlhOU:jpwKLyOAdNv2HB

Score

10^/10

formbook g1 discovery rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.9

Campaign

g1

Decoy

careheartcoordination.net

beatu.info

tampaperiodontics.net

skimountainlodging.com

bareitmarketing.com

lol-mail.com

0fax.net

bigtraffic4upgrade.review

americanphysicianservices.com

mecasignal.com

healthcaremanagementsalary.com

frimail.net

wwwylh04.com

sexwithnosex.com

gofundmehomes.info

bggck.info

solutions4appstore.com

lesbbmajeurs.com

yunihealth.com

amritayoga-shonan.com

Targets

- Target
  
  0d033a274941308ccc748e7f2ed7c88c_JaffaCakes118
- Size
  
  797KB
- MD5
  
  0d033a274941308ccc748e7f2ed7c88c
- SHA1
  
  7a165113237c3ca1d3286b18b4cf9b52a8aef149
- SHA256
  
  a2fe38f4db69af965d119f88994d02f96a3e8bd46a18de8ee7bc67369ace48eb
- SHA512
  
  315121092a8f503deba8b9fb29022973275a102cefef1a323e0e0f0a858e75bd705140a7365b4b371e4155f0562b9b4a9d3904ee40b15dae5212b737326a1574
- SSDEEP
  
  12288:M7eySa2hjw/CLyOLn8dag7OsPauFCc2EQlhOU:jpwKLyOAdNv2HB
Score

10^/10

formbook g1 discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

formbookg1discoveryratspywarestealertrojan