formbook

General

Target

cd45d1f7f7b3589b204955cfc0e36f0f9912f288486288799ecfaddadbc80f8a.exe
Size

658KB
Sample

240612-cqgqeayenr
MD5

129c5efbec2bca65b240b80f7bdf6f0a
SHA1

461467e19be4a21caf06528c8cd58f7ec04196f4
SHA256

cd45d1f7f7b3589b204955cfc0e36f0f9912f288486288799ecfaddadbc80f8a
SHA512

e929bea123b7cbc585680d783415fbef6c59c43c1168223072b8e91ee937dd9aa2d68d924667d1c05e0b01320fcea9ad9aacbaebde0aeb89f3adc46a306fef14
SSDEEP

12288:raCR5leZlNnRozsynCYh9LNQj9RCwlPQmVm8R8cWle5B+JTL:m+er/in/h9LNUHHQSJRSe5YJ

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

cr12

Decoy

nff1291.com

satyainfra.com

hechiceradeamores.com

jfgminimalist.com

qut68q.com

pedandmore.com

sugardefender24-usa.us

somalse.com

lotusluxecandle.com

certificadobassetpro.com

veryaroma.com

thehistoryofindia.in

33155.cc

terastudy.net

84031.vip

heilsambegegnen.com

horizon-rg.info

junongpei.website

winstons.club

henslotalt.us

Targets

- Target
  
  cd45d1f7f7b3589b204955cfc0e36f0f9912f288486288799ecfaddadbc80f8a.exe
- Size
  
  658KB
- MD5
  
  129c5efbec2bca65b240b80f7bdf6f0a
- SHA1
  
  461467e19be4a21caf06528c8cd58f7ec04196f4
- SHA256
  
  cd45d1f7f7b3589b204955cfc0e36f0f9912f288486288799ecfaddadbc80f8a
- SHA512
  
  e929bea123b7cbc585680d783415fbef6c59c43c1168223072b8e91ee937dd9aa2d68d924667d1c05e0b01320fcea9ad9aacbaebde0aeb89f3adc46a306fef14
- SSDEEP
  
  12288:raCR5leZlNnRozsynCYh9LNQj9RCwlPQmVm8R8cWle5B+JTL:m+er/in/h9LNUHHQSJRSe5YJ
Score

10^/10

formbook cr12 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2