formbook

General

Target

f86b5c769c4ae7db9a13fa32b90030bf8b700d8d0f5c30584044942602d2af30.exe
Size

1.1MB
Sample

240702-cnyk5sselb
MD5

e03cefcd99feaf7ca8fd37a4bec8280c
SHA1

1ef21abddff685aeb42767f9288d67bf22a9422d
SHA256

f86b5c769c4ae7db9a13fa32b90030bf8b700d8d0f5c30584044942602d2af30
SHA512

af81a05f31cc3cd87872f95d448ce65936c6cd9ee8296c2ee46fd9af7b1cc7f76104c4272c4ce03d206086cb676e034e8a40670ec98494de8c28e551f2776277
SSDEEP

24576:2AHnh+eWsN3skA4RV1Hom2KXMmHaFUjMJc+pSA1TZHrhb5:Rh+ZkldoPK8YaFXJnrT

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

ts59

Decoy

hgptgz684w.top

gas39.pro

totalcow.com

76466.club

ssweatstudio.com

nr35.top

hmstr-drop.site

kjsdhklssk13.xyz

lostaino.com

athenamotel.info

9332946.com

ec-delivery-jobs-8j.bond

complaix.com

824go.com

checkout4xgrow.shop

modleavedepts.online

shoedio54.com

topallinoneaccounting.com

texhio.online

cn-brand.com

Targets

- Target
  
  f86b5c769c4ae7db9a13fa32b90030bf8b700d8d0f5c30584044942602d2af30.exe
- Size
  
  1.1MB
- MD5
  
  e03cefcd99feaf7ca8fd37a4bec8280c
- SHA1
  
  1ef21abddff685aeb42767f9288d67bf22a9422d
- SHA256
  
  f86b5c769c4ae7db9a13fa32b90030bf8b700d8d0f5c30584044942602d2af30
- SHA512
  
  af81a05f31cc3cd87872f95d448ce65936c6cd9ee8296c2ee46fd9af7b1cc7f76104c4272c4ce03d206086cb676e034e8a40670ec98494de8c28e551f2776277
- SSDEEP
  
  24576:2AHnh+eWsN3skA4RV1Hom2KXMmHaFUjMJc+pSA1TZHrhb5:Rh+ZkldoPK8YaFXJnrT
Score

10^/10

formbook ts59 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2