formbook

General

Target

28012025_0020_27012025_CATALOGUE AND PRODUCT SPECIFICATION.rar
Size

551KB
Sample

250128-am97fa1lfn
MD5

8e05d7aed6b930bd141ce21f237ac703
SHA1

753a9c143e11b125125264678e10d07f61f16a41
SHA256

16d93d0abcca76f8f16f3ce8425c6a9679d99af85366fd0acba1bbf54ab1e4cd
SHA512

7477c412b2d792c842502ee11e0f3e51c513cf838f9167d7fd35524865b22cb07ba9abed468a0021b23b2a7d2b4c2cdd636b93a4803a97f60614e10fac851e80
SSDEEP

12288:JMQVc11zKHkwYWLewDx5qNDn8Zx+E8ybU5Vm5iYbVTpS/yf:JM2rE65qu+jybI6iYZVgO

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

a38m

Decoy

rtfosters.net

ental-implants-97548.bond

raphic-design-degree-15820.bond

ompraninjas.shop

indmyusedcar.today

rumptraumasupport.net

uozwear.xyz

etron.xyz

dultlivebroadcast09.today

ypegen.net

arehouse-inventory-54057.bond

27961.pizza

ortable-ai.xyz

pioxc.xyz

nline-advertising-76059.bond

rendyshack.store

pa-services88.life

aftarpragmatic218gacor.online

yb1054.shop

8x189.xyz

Targets

- Target
  
  CATALOGUE AND PRODUCTS SPECIFICATION.exe
- Size
  
  903KB
- MD5
  
  7ba977c37f03e9cb845a0c4a39df9711
- SHA1
  
  1986b7ff8521767060067c0743216723d4ecca2e
- SHA256
  
  74fcf74be99f8714a9e92ef77c66408411b1d531f9b6cec3780a9a5e78a78895
- SHA512
  
  9fde24496db7d9f41abee945d05399dad603e38175caeb039eca411b70234713d058f767fa169ef1312f267f6ccaab32bee43a3366036344b37acc34866835dc
- SSDEEP
  
  24576:uRmJkcoQricOIQxiZY1iaCj1haSRndJBAWMurJh4mH:7JZoQrbTFZY1iaCLVnHBNFh5
Score

10^/10

formbook a38m discovery rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook family
  formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook family

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2