formbook

General

Target

JaffaCakes118_16298f8fe48a3da448dad46d2e6f0ba3b1df3c10f543d6bfae92ef4f20f91df8
Size

218KB
Sample

241229-lnw7raylfw
MD5

ffbb14f5694d5eeb2cd88c9948554bbd
SHA1

758268bd03ba80ce8ed5876b40cfd83b12ccaf9e
SHA256

16298f8fe48a3da448dad46d2e6f0ba3b1df3c10f543d6bfae92ef4f20f91df8
SHA512

1afa3f1f6f57566c131daf50a6034ec4e5801862ba0de798d8b3ff1c580b2980012ad3c6615e4d6d66ecf23c7ad672dea5ea858cc043260c16f75fd6f408adbf
SSDEEP

6144:YyCs5WKwTTINVJB4wPwAg6mDOzNnA/6pmoNqA:QiW3TIpGIf72snAiIZA

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

fn02

Decoy

wkinforresearch.com

hnfsclw.com

flow2live.com

2bveruyucdxnerf2.com

art-istratova.online

day2plus.net

finovatio.com

50706.net

theabotanicalsph.com

longcovid.run

semperempoweringequity.com

consumerismbarbarica.com

rightloaddispatching.com

tansonews.com

emakz-nih.com

dbluxurycarrentals.com

streetfood-real.store

fagamotorsperu.com

consortiumwatches.com

intodialog.com

Targets

- Target
  
  LPO NO - 19615.bin
- Size
  
  252KB
- MD5
  
  bc2c939dc95ccb7c1ab6b593c5e7fc36
- SHA1
  
  077fa9ad551e0f3eeab0807fdc090e1d7c8484dd
- SHA256
  
  915861e0bf6cb3a567b8ce22c1ab89626d9f1ab175cd8bb4eab4d8232cc2b880
- SHA512
  
  5c55ec7670fa61d314c9202a0a244c05a4e94f36c6a0ae8097b89693b5c49e2d8bf4faa1fa0dc3dd4fa721b88ac2f549735d7b38d17881217d6de5b28c0977a4
- SSDEEP
  
  6144:pb3/W+HZZn3rbykHzxjjlZoXDfVh+pehqyu50+zOzR+3OfK2:pbO+5Z36kNHobj+LDLzOw3OfK
Score

10^/10

formbook fn02 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook family
  formbook
- Core1 .NET packer
  Detects packer/loader used by .NET malware.
- Formbook payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook family

Core1 .NET packer

Formbook payload

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2