formbook

General

Target

4bc87fbfe1c5bc22f4b002a8299d8ca46b8978ce2ca4b6ddaed51234099468a0.exe
Size

1.1MB
Sample

240616-bhh3tssglh
MD5

db70135e8dbccf549d724c7c78506a10
SHA1

e03021cd4c55f6a3df845611dcafcb9310453c62
SHA256

4bc87fbfe1c5bc22f4b002a8299d8ca46b8978ce2ca4b6ddaed51234099468a0
SHA512

e3762b27bcd8078606583b041d0407e516e0cf9ef351a77db97ad5d1da39c2f6b52d49960d5d249592aab74171104b602fe8a97e1fb1962b27d0aafc961a4f2e
SSDEEP

24576:gAHnh+eWsN3skA4RV1Hom2KXMmHa2pQDQG4aoZcXlj5:Xh+ZkldoPK8Ya2GfRacXv

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ss63

Decoy

catpig.xyz

chatladyanzensei7.site

onewayonepaydroptaxi.com

bima188.lol

wealth-km.online

seepao27200.top

6c958u9.lol

fbyu57ytsd.shop

baranetentegre.com

webaichimie.com

h3k38q2.lol

abicomsrl.com

338kp.vip

rescuecube.com

bubatz-t.com

psgluxuryapartments.com

goodfellowlawfirm.com

bais141.com

imingchu.com

ekzeanjfolzaks.top

Targets

- Target
  
  4bc87fbfe1c5bc22f4b002a8299d8ca46b8978ce2ca4b6ddaed51234099468a0.exe
- Size
  
  1.1MB
- MD5
  
  db70135e8dbccf549d724c7c78506a10
- SHA1
  
  e03021cd4c55f6a3df845611dcafcb9310453c62
- SHA256
  
  4bc87fbfe1c5bc22f4b002a8299d8ca46b8978ce2ca4b6ddaed51234099468a0
- SHA512
  
  e3762b27bcd8078606583b041d0407e516e0cf9ef351a77db97ad5d1da39c2f6b52d49960d5d249592aab74171104b602fe8a97e1fb1962b27d0aafc961a4f2e
- SSDEEP
  
  24576:gAHnh+eWsN3skA4RV1Hom2KXMmHa2pQDQG4aoZcXlj5:Xh+ZkldoPK8Ya2GfRacXv
Score

10^/10

formbook ss63 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2