formbook

General

Target

bc699327b7d8fe4f35d0128c292158c4_JaffaCakes118
Size

348KB
Sample

240618-rrlhbaxeja
MD5

bc699327b7d8fe4f35d0128c292158c4
SHA1

bdd93c01e4e08f21997db4d436ba898291c0bf7a
SHA256

eced2406f4bcba0e0e017c9215b07ac0e5b1e2a3ba962753c5cc3cca88aee9ca
SHA512

c65f68bd98ac6512a57b0552bb450acd14b237bc59ace12fc17bbef7f3a49a4e41aac86ebc5ae3c038ca79095d22282cd0bf43bb7b40d91ab54411d0b9438fc2
SSDEEP

6144:xVGzABRwv6pZN9VOHsidU65apfSxYr9Ad:xVGzEiWZN9It55arOd

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

3.8

Campaign

hx300

Decoy

uniquepure.com

xn--mkr60t8otfk4a.com

npulrk.com

xzzjmy.com

3dleatherwallpanel.com

0r1twohot.men

zealtolearn.com

jokes-about.com

lomalan.com

tv17882.info

dajerkstop.com

rwzst.info

krematoriumniederrhein.com

scentprintluxury.com

embeducate.com

barbarawilliford.com

awesoppy.com

taonongwei.com

notasmallworld.net

perthmohssurgery.com

Targets

- Target
  
  bc699327b7d8fe4f35d0128c292158c4_JaffaCakes118
- Size
  
  348KB
- MD5
  
  bc699327b7d8fe4f35d0128c292158c4
- SHA1
  
  bdd93c01e4e08f21997db4d436ba898291c0bf7a
- SHA256
  
  eced2406f4bcba0e0e017c9215b07ac0e5b1e2a3ba962753c5cc3cca88aee9ca
- SHA512
  
  c65f68bd98ac6512a57b0552bb450acd14b237bc59ace12fc17bbef7f3a49a4e41aac86ebc5ae3c038ca79095d22282cd0bf43bb7b40d91ab54411d0b9438fc2
- SSDEEP
  
  6144:xVGzABRwv6pZN9VOHsidU65apfSxYr9Ad:xVGzEiWZN9It55arOd
Score

10^/10

formbook hx300 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2