formbook

General

Target

607868824f841ff4b6e24e997228d10d.exe
Size

614KB
Sample

240625-qb3k8avbkq
MD5

607868824f841ff4b6e24e997228d10d
SHA1

76a91ee65551d7babf8799bbecd9e78c44f47787
SHA256

7392b6a710583060d7f5bd8a3a7573fa0f278a543f961057fec04445d017de3b
SHA512

99f856165bcdfeaf6ef3e9f34c9d88cb30e3467f238eef4489ade96024d57d50dd002da63e77dfeb82458b084a1535a7392ac159711337b8694e75822033ebc8
SSDEEP

12288:LajzneBoLmk8bLq4xKNhZAb2drAJuU6ljqdLGtierEWhuV:2jznfL/qLxK7ZAbWAJJ6lGdLGtierEJV

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

btrd

Decoy

everslane.com

prairieviewelectric.online

dszvhgd.com

papamuch.com

8129k.vip

jeffreestar.gold

bestguestrentals.com

nvzhuang1.net

anangtoto.com

yxfgor.top

practicalpoppers.com

thebestanglephotography.online

koormm.top

criika.net

audioflow.online

380747.net

jiuguanwang.net

bloxequities.com

v321c.com

sugar.monster

Targets

- Target
  
  607868824f841ff4b6e24e997228d10d.exe
- Size
  
  614KB
- MD5
  
  607868824f841ff4b6e24e997228d10d
- SHA1
  
  76a91ee65551d7babf8799bbecd9e78c44f47787
- SHA256
  
  7392b6a710583060d7f5bd8a3a7573fa0f278a543f961057fec04445d017de3b
- SHA512
  
  99f856165bcdfeaf6ef3e9f34c9d88cb30e3467f238eef4489ade96024d57d50dd002da63e77dfeb82458b084a1535a7392ac159711337b8694e75822033ebc8
- SSDEEP
  
  12288:LajzneBoLmk8bLq4xKNhZAb2drAJuU6ljqdLGtierEWhuV:2jznfL/qLxK7ZAbWAJJ6lGdLGtierEJV
Score

10^/10

formbook btrd rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2