formbook

General

Target

20ce27d410e9cb9d9ac96ab615e607c6_JaffaCakes118
Size

659KB
Sample

240703-c591hatbnd
MD5

20ce27d410e9cb9d9ac96ab615e607c6
SHA1

1132b5764975577b8f26c8b3cf9b2b17aa51a095
SHA256

4d0418d6ed89ac0dd6a7be7b8b73fbf85d69e0823ce8e392398b3ad005d5839f
SHA512

f6c9433178e992feaef4f36807dee4cb2e19e268284f5cb8515b4b217e23aff3c1e35d8ac5fe20908ee4e4d3341e7e7a8cc0dd91af0a7d837d244c5481c6f4b8
SSDEEP

12288:gYxBYG+2AM0TFoei0W+7Bt7NNdO9AbrPJnwJo6UWa3urQ:dxBYiWSe2oBt7Nu23cmWG

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

gbl

Decoy

dx268.com

textbot4you.com

critictable.com

fsclub.info

order-review.com

tkgenergy.com

contavip.info

fashionests.com

sieromart.com

miamimobiletesting.com

oxforhabits.com

yugoslavilk.online

inieenterprises.com

bythebucketfranchise.com

parcelified.com

signalcyclers.com

starryeyedproject.com

proteacherstore.com

horos.tech

bovadaracebook.sucks

Targets

- Target
  
  20ce27d410e9cb9d9ac96ab615e607c6_JaffaCakes118
- Size
  
  659KB
- MD5
  
  20ce27d410e9cb9d9ac96ab615e607c6
- SHA1
  
  1132b5764975577b8f26c8b3cf9b2b17aa51a095
- SHA256
  
  4d0418d6ed89ac0dd6a7be7b8b73fbf85d69e0823ce8e392398b3ad005d5839f
- SHA512
  
  f6c9433178e992feaef4f36807dee4cb2e19e268284f5cb8515b4b217e23aff3c1e35d8ac5fe20908ee4e4d3341e7e7a8cc0dd91af0a7d837d244c5481c6f4b8
- SSDEEP
  
  12288:gYxBYG+2AM0TFoei0W+7Bt7NNdO9AbrPJnwJo6UWa3urQ:dxBYiWSe2oBt7Nu23cmWG
Score

10^/10

formbook gbl rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2