formbook

General

Target

72386d293874079ed88a5f8d2ba12ba0c73d9014a1cdc8c46a4798e638ff7702_NeikiAnalytics.exe
Size

1.0MB
Sample

240622-ahqx1axdmc
MD5

339ae69e221743fd181a78cad3fe7e60
SHA1

ea6e6b0f7c267995084d31467383ef22de89ba00
SHA256

72386d293874079ed88a5f8d2ba12ba0c73d9014a1cdc8c46a4798e638ff7702
SHA512

6a96ddfaef5d03f08be2ba1c20821201cc016d76f2a9fffec9ddaa7d285b01ae850aeb8f42c72afe997c0afe21d1fbb6c0c486a7b50b19b6316205edab91a18a
SSDEEP

24576:RAHnh+eWsN3skA4RV1Hom2KXMmHatecJSNefwmnfGLGKRZjb35:oh+ZkldoPK8Yate6SIfBffojd

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

as02

Decoy

qwin777.com

robinhoods.live

h3jh-dal.pics

braindeadcopywriting.com

kktcbet1000.com

mpo0463.cfd

raboteshoes.com

ab1718.com

lowcrusiers.com

gregcopelandmusic.com

dkfndch.store

firstclassuni.com

00ewu1ub.com

shunweichemical.com

sugarits.com

marqify.com

mistmajik.com

trezip.online

tinytables.xyz

suestergocoaching.com

Targets

- Target
  
  72386d293874079ed88a5f8d2ba12ba0c73d9014a1cdc8c46a4798e638ff7702_NeikiAnalytics.exe
- Size
  
  1.0MB
- MD5
  
  339ae69e221743fd181a78cad3fe7e60
- SHA1
  
  ea6e6b0f7c267995084d31467383ef22de89ba00
- SHA256
  
  72386d293874079ed88a5f8d2ba12ba0c73d9014a1cdc8c46a4798e638ff7702
- SHA512
  
  6a96ddfaef5d03f08be2ba1c20821201cc016d76f2a9fffec9ddaa7d285b01ae850aeb8f42c72afe997c0afe21d1fbb6c0c486a7b50b19b6316205edab91a18a
- SSDEEP
  
  24576:RAHnh+eWsN3skA4RV1Hom2KXMmHatecJSNefwmnfGLGKRZjb35:oh+ZkldoPK8Yate6SIfBffojd
Score

10^/10

formbook as02 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2