formbook

General

Target

HAN LLEGADO LOS DOCUMENTOS ADJUNTOS-password(v6Z3UoEi).zip
Size

889KB
Sample

250113-1htxrs1jcj
MD5

bab1852ac639b0288b8b1127c9a488ce
SHA1

4d96008edf7ec659ada6c007307f9adcd82a4a1b
SHA256

63784f25a485944de47297b410a86ef06d87908700b0d91da9ac38c5121f0767
SHA512

b9df30d0361cf3d4ebc92185ccee5607fd9d111052e118b784fb535251a5b4cbf2d6f72b7834961d343ee442b68935102d5d32d547c6f75512a3b9284d7b40d1
SSDEEP

24576:aKrZ4L8W7yUau9M+5EDI5nrE8ZOAN9nkjf:l2wZiM+5E8l9bnkL

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

x07y

Decoy

oksa.life

utecak.shop

200mzeus.store

hopsphereviral.store

g6fqz07uyhlgwxf.shop

ntentwicket.asia

ele88.buzz

3233.pizza

ataract-surgery-54329.bond

utsidetheguardrails.net

lkpiou.xyz

nline-gaming-56806.bond

arehouse-inventory-23414.bond

sphalt-jobs-98701.bond

p82520.icu

hetopgraded.shop

okoresmi.life

su41k7v.xyz

lwaset.net

onitoring-devices-18459.bond

Targets

- Target
  
  HAN LLEGADO LOS DOCUMENTOS ADJUNTOS-password(v6Z3UoEi).zip
- Size
  
  889KB
- MD5
  
  bab1852ac639b0288b8b1127c9a488ce
- SHA1
  
  4d96008edf7ec659ada6c007307f9adcd82a4a1b
- SHA256
  
  63784f25a485944de47297b410a86ef06d87908700b0d91da9ac38c5121f0767
- SHA512
  
  b9df30d0361cf3d4ebc92185ccee5607fd9d111052e118b784fb535251a5b4cbf2d6f72b7834961d343ee442b68935102d5d32d547c6f75512a3b9284d7b40d1
- SSDEEP
  
  24576:aKrZ4L8W7yUau9M+5EDI5nrE8ZOAN9nkjf:l2wZiM+5E8l9bnkL
Score

1^/10
behavioral1
- Target
  
  COMPROBANTE FAC PAG 1312025pdf.zip
- Size
  
  630KB
- MD5
  
  7ffa7bd8790d363f6ce75a196fbfaaa3
- SHA1
  
  24988819575beb787dcc8ea750fc7a34212d66d8
- SHA256
  
  f74672bff56ee501992e93951a793b71e7850902a4f25a00616129aa5cad1edc
- SHA512
  
  63d5972b6a5d4a203fbc622cdf09a423f6d8f179200d2b3727945454a01e03981747b051a4b85999837d00f7b9601dad7db6f282ec3feb0377e6f3f00073fc28
- SSDEEP
  
  12288:QXICvZqhH4xGcIKho8cGZOLmBE6tlNuyoisvbXC0AOIUPR7GIzixVx:kIQLGcPhwGZmmBE6XNnRejH1GIzkT
Score

1^/10
behavioral2
- Target
  
  COMPROBANTE FAC PAG 1312025pdf.exe
- Size
  
  1.0MB
- MD5
  
  e4ae748b24c33178f1203895c632daef
- SHA1
  
  9e6bd03f721da74a1412f80ed5615c14ef85434e
- SHA256
  
  920dba5848da51e0cd39ced7ef38fd1640e9aa0142b75a5a957ef7abf879a298
- SHA512
  
  f0e9ee3d27fb29918d5b12f4aa48d66f6fe7ca13081ee1e011ecdac22506b6f45b0095a3c6655d398a9e02a84f7c56441c341a3c37fb432956f5fbde2d5154d3
- SSDEEP
  
  24576:wAHnh+eWsN3skA4RV1Hom2KXMmHaecUtHlGAcg5:nh+ZkldoPK8YaecUtHlB
Score

10^/10

formbook x07y discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook family
  formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral3
- Target
  
  email-html-1.txt
- Size
  
  20KB
- MD5
  
  3a7fc69de184952a924fa6b4e0f6fb0a
- SHA1
  
  e5977d08e38f988853c11c0cbd55941544f1a904
- SHA256
  
  55ca05ff83bc52def2fc2230adc20e55c7a319153d47c54dc2c84dbaabf19de4
- SHA512
  
  e31a669d99db379a9b7ff4f0a2b2c251cdd5ab4206ead050131a67f051b0f0e1cc3afb87137cc63bfe7e4fd10507c822060d0314f6a33ff753f58236cdc6e0e3
- SSDEEP
  
  192:2mAcRzQ+uf9aIskk1o+RF141h41QCHXD1121hLSEbMImXmpcRzXDuf94skk1S61R:6cNbRF1QmMLcaEvFBoLD
Score

3^/10

discovery
behavioral4