formbook

General

Target

8d39599a31cac2a8cf51d0b0d6dfd6dbafa76dd1cd33d70d0ce6a8235c662a5d.exe
Size

792KB
Sample

240702-b5enxsvhlk
MD5

ecd71b32a9f7df1197ea46c0831f5e54
SHA1

aa8b0fc56cf3048ccd5f293500cce039305da1a3
SHA256

8d39599a31cac2a8cf51d0b0d6dfd6dbafa76dd1cd33d70d0ce6a8235c662a5d
SHA512

5ebee458ecc260368c5414d7b303c2fbf5779287ebfc55142d143da3cb10ee564f66ad8f8bed6c7574be4df479178ea149ddf990709547cea2083a932e630d26
SSDEEP

12288:J0KE8GILjWLWg/yGcktHAJr5OJKjHYXRLQXTtsepSTVp+:Pc/oEuaqHEwIn

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

dy13

Decoy

manga-house.com

kjsdhklssk51.xyz

b0ba138.xyz

bt365033.com

ccbsinc.net

mrwine.xyz

nrxkrd527o.xyz

hoshi.social

1912ai.com

serco2020.com

byfchfyr.xyz

imuschestvostorgov.online

austinheafey.com

mrdfa.club

883106.photos

profitablefxmarkets.com

taini00.net

brye.top

ginsm.com

sportglid.com

Targets

- Target
  
  8d39599a31cac2a8cf51d0b0d6dfd6dbafa76dd1cd33d70d0ce6a8235c662a5d.exe
- Size
  
  792KB
- MD5
  
  ecd71b32a9f7df1197ea46c0831f5e54
- SHA1
  
  aa8b0fc56cf3048ccd5f293500cce039305da1a3
- SHA256
  
  8d39599a31cac2a8cf51d0b0d6dfd6dbafa76dd1cd33d70d0ce6a8235c662a5d
- SHA512
  
  5ebee458ecc260368c5414d7b303c2fbf5779287ebfc55142d143da3cb10ee564f66ad8f8bed6c7574be4df479178ea149ddf990709547cea2083a932e630d26
- SSDEEP
  
  12288:J0KE8GILjWLWg/yGcktHAJr5OJKjHYXRLQXTtsepSTVp+:Pc/oEuaqHEwIn
Score

10^/10

formbook dy13 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2