formbook

General

Target

371796cb762c7b686b0b81fe0028b06ac9908488ac0598ffe2fbbb7f66e675f7.exe
Size

683KB
Sample

240613-tqt46szdrk
MD5

9a1d07c40f260be6ee003d9ae877614b
SHA1

5267de2f302b9f20d21307f9e5c02887ecd7377c
SHA256

371796cb762c7b686b0b81fe0028b06ac9908488ac0598ffe2fbbb7f66e675f7
SHA512

35b17567e170b32134c0d6dc03693ed44dfc7fbbbbeb8787a456bc20a97a4f5dba268452e8776098861a3f3fdce69e1080638a5c7bb3ce9f5b8b650c912765aa
SSDEEP

12288:IdXtfETu34NF6Zt4A8p56+gY7RrGcarLTj5S4A4hxl+gt9zoVYz2yUc:Id92amF6Mt3gYgcar/AeX+yE2z/

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

cr12

Decoy

nff1291.com

satyainfra.com

hechiceradeamores.com

jfgminimalist.com

qut68q.com

pedandmore.com

sugardefender24-usa.us

somalse.com

lotusluxecandle.com

certificadobassetpro.com

veryaroma.com

thehistoryofindia.in

33155.cc

terastudy.net

84031.vip

heilsambegegnen.com

horizon-rg.info

junongpei.website

winstons.club

henslotalt.us

Targets

- Target
  
  371796cb762c7b686b0b81fe0028b06ac9908488ac0598ffe2fbbb7f66e675f7.exe
- Size
  
  683KB
- MD5
  
  9a1d07c40f260be6ee003d9ae877614b
- SHA1
  
  5267de2f302b9f20d21307f9e5c02887ecd7377c
- SHA256
  
  371796cb762c7b686b0b81fe0028b06ac9908488ac0598ffe2fbbb7f66e675f7
- SHA512
  
  35b17567e170b32134c0d6dc03693ed44dfc7fbbbbeb8787a456bc20a97a4f5dba268452e8776098861a3f3fdce69e1080638a5c7bb3ce9f5b8b650c912765aa
- SSDEEP
  
  12288:IdXtfETu34NF6Zt4A8p56+gY7RrGcarLTj5S4A4hxl+gt9zoVYz2yUc:Id92amF6Mt3gYgcar/AeX+yE2z/
Score

10^/10

formbook cr12 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2