formbook

General

Target

206f17d8a641d884bba4bf29413d8c11ececdc220a22777455b23f1cad77dd9d.exe
Size

1.1MB
Sample

240615-pe3jyszfjg
MD5

d345b1de15380a01c02ae2ba9c941a42
SHA1

77390e269cee60467364dedcdc4b5156e634d6a8
SHA256

206f17d8a641d884bba4bf29413d8c11ececdc220a22777455b23f1cad77dd9d
SHA512

4bbb55cd1666dfe1bc13dd315efda50dc3d475fdd942f90834c6c7a61a089cf2d3f39997f249ede6593acc49c4ab1102e555eebec093ab38a95c7b09569fd6f2
SSDEEP

24576:zAHnh+eWsN3skA4RV1Hom2KXMmHaungmQu7/d+gIM5:+h+ZkldoPK8Yaun3/d/f

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ss63

Decoy

catpig.xyz

chatladyanzensei7.site

onewayonepaydroptaxi.com

bima188.lol

wealth-km.online

seepao27200.top

6c958u9.lol

fbyu57ytsd.shop

baranetentegre.com

webaichimie.com

h3k38q2.lol

abicomsrl.com

338kp.vip

rescuecube.com

bubatz-t.com

psgluxuryapartments.com

goodfellowlawfirm.com

bais141.com

imingchu.com

ekzeanjfolzaks.top

Targets

- Target
  
  206f17d8a641d884bba4bf29413d8c11ececdc220a22777455b23f1cad77dd9d.exe
- Size
  
  1.1MB
- MD5
  
  d345b1de15380a01c02ae2ba9c941a42
- SHA1
  
  77390e269cee60467364dedcdc4b5156e634d6a8
- SHA256
  
  206f17d8a641d884bba4bf29413d8c11ececdc220a22777455b23f1cad77dd9d
- SHA512
  
  4bbb55cd1666dfe1bc13dd315efda50dc3d475fdd942f90834c6c7a61a089cf2d3f39997f249ede6593acc49c4ab1102e555eebec093ab38a95c7b09569fd6f2
- SSDEEP
  
  24576:zAHnh+eWsN3skA4RV1Hom2KXMmHaungmQu7/d+gIM5:+h+ZkldoPK8Yaun3/d/f
Score

10^/10

formbook ss63 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2