formbook

General

Target

e44f2c56314148dfe7f8e8ca016fd689f8fb72029a4c06b9020a322ba6ed1896.exe
Size

448KB
Sample

240625-ccy3javbne
MD5

7e35e387ee431ef08dfeec00552a6006
SHA1

3d67672311c989e58c18df87b92e671cc5100360
SHA256

e44f2c56314148dfe7f8e8ca016fd689f8fb72029a4c06b9020a322ba6ed1896
SHA512

de755174a1cd65c46b8969ea14044c06282ef8748ffc92b08d9130571b241a786618b91196b30354b85f5d2815a56c5fe246e9bc753be35e9d7122db8a1c8299
SSDEEP

6144:7Q3klTByZJvq7I3kv61Gn8UOFP0hEtUfv8AQDLv8mex0D9av1osh:s3YTEZJvqbOC8m688A4Err

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

45er

Decoy

depotpulsa.com

k2bilbao.online

bb4uoficial.com

rwc666.club

us-pservice.cyou

tricegottreats.com

zsystems.pro

qudouyin6.com

sfumaturedamore.net

pcetyy.icu

notbokin.online

beqprod.tech

flipbuilding.com

errormitigationzoo.com

zj5u603.xyz

jezzatravel.com

zmdniavysyi.shop

quinnsteele.com

522334.com

outdoorshopping.net

Targets

- Target
  
  e44f2c56314148dfe7f8e8ca016fd689f8fb72029a4c06b9020a322ba6ed1896.exe
- Size
  
  448KB
- MD5
  
  7e35e387ee431ef08dfeec00552a6006
- SHA1
  
  3d67672311c989e58c18df87b92e671cc5100360
- SHA256
  
  e44f2c56314148dfe7f8e8ca016fd689f8fb72029a4c06b9020a322ba6ed1896
- SHA512
  
  de755174a1cd65c46b8969ea14044c06282ef8748ffc92b08d9130571b241a786618b91196b30354b85f5d2815a56c5fe246e9bc753be35e9d7122db8a1c8299
- SSDEEP
  
  6144:7Q3klTByZJvq7I3kv61Gn8UOFP0hEtUfv8AQDLv8mex0D9av1osh:s3YTEZJvqbOC8m688A4Err
Score

10^/10

formbook 45er rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2