formbook

General

Target

129c5efbec2bca65b240b80f7bdf6f0a.bin
Size

634KB
Sample

240613-bl3lmssdnj
MD5

bffaa72e5fbcb1a71e9b759effd50b5a
SHA1

87a1411484bb26457f41f3c48cbeb988c2b0eb59
SHA256

28acd7d6b80133fb4bf12f8394a037499dfe7c5ce4d54173d597026557d4f215
SHA512

6e0587d6f6208899d80dd8891179b6fdf8de5deb2cf2c9e8036710309c5bf86d1bdd8a9cb12a93465b0f794985448c472babc429bf9021fce1c86c96821d23a7
SSDEEP

12288:h2bV84WZWyAvlDITA585BkRG+z3wQ9gvDRtSDDnDSVPZlQ0Fg:sboGvlF58YGYwMgvDRtS0hlFg

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

cr12

Decoy

nff1291.com

satyainfra.com

hechiceradeamores.com

jfgminimalist.com

qut68q.com

pedandmore.com

sugardefender24-usa.us

somalse.com

lotusluxecandle.com

certificadobassetpro.com

veryaroma.com

thehistoryofindia.in

33155.cc

terastudy.net

84031.vip

heilsambegegnen.com

horizon-rg.info

junongpei.website

winstons.club

henslotalt.us

Targets

- Target
  
  cd45d1f7f7b3589b204955cfc0e36f0f9912f288486288799ecfaddadbc80f8a.exe
- Size
  
  658KB
- MD5
  
  129c5efbec2bca65b240b80f7bdf6f0a
- SHA1
  
  461467e19be4a21caf06528c8cd58f7ec04196f4
- SHA256
  
  cd45d1f7f7b3589b204955cfc0e36f0f9912f288486288799ecfaddadbc80f8a
- SHA512
  
  e929bea123b7cbc585680d783415fbef6c59c43c1168223072b8e91ee937dd9aa2d68d924667d1c05e0b01320fcea9ad9aacbaebde0aeb89f3adc46a306fef14
- SSDEEP
  
  12288:raCR5leZlNnRozsynCYh9LNQj9RCwlPQmVm8R8cWle5B+JTL:m+er/in/h9LNUHHQSJRSe5YJ
Score

10^/10

formbook cr12 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2