formbook

General

Target

08d7aeca0918d83a300dfc9126aec292_JaffaCakes118
Size

695KB
Sample

240624-qydwdavcpe
MD5

08d7aeca0918d83a300dfc9126aec292
SHA1

2c599704a3cd75f995cd7a07f653ec68200ea0bc
SHA256

73c58bd017026340507d10cc2b3237c6c32835dc69571e81df1a5905981b3d63
SHA512

08fc804b00f905dae7c6189edbbc42c582fcee16708f09ef88c1127e9ca73db8c17a6dfb97d66777395d63c53c1f60bf737663c4f14d9252f70b848e834da982
SSDEEP

12288:SNROEKUWVNRPw7IvQBHQx0iK7B+FGZZaSSVHmis:SNcEKUWOccHS0r7gFgZa11m

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

kre

Decoy

alpacaksa.com

ravneetkhurana.com

neverstopip.com

sunarrallc.com

lojag3wire.com

kiffbrother.com

pawantakespawn.com

sadarbarta.com

blogdoruan.life

jadeitesecurity.com

edcincorp.com

xjp168.com

babylist.info

ennobleempiremarketing.com

amazon-co-jp.store

regenlighting.com

zhengqiantv.com

carbeloy.com

lemenzz.com

enigmacombine.icu

Targets

- Target
  
  08d7aeca0918d83a300dfc9126aec292_JaffaCakes118
- Size
  
  695KB
- MD5
  
  08d7aeca0918d83a300dfc9126aec292
- SHA1
  
  2c599704a3cd75f995cd7a07f653ec68200ea0bc
- SHA256
  
  73c58bd017026340507d10cc2b3237c6c32835dc69571e81df1a5905981b3d63
- SHA512
  
  08fc804b00f905dae7c6189edbbc42c582fcee16708f09ef88c1127e9ca73db8c17a6dfb97d66777395d63c53c1f60bf737663c4f14d9252f70b848e834da982
- SSDEEP
  
  12288:SNROEKUWVNRPw7IvQBHQx0iK7B+FGZZaSSVHmis:SNcEKUWOccHS0r7gFgZa11m
Score

10^/10

formbook kre rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2