formbook

General

Target

27db728c69c96de67c4ad3863abe33a9_JaffaCakes118
Size

1.0MB
Sample

240706-j4amkssanj
MD5

27db728c69c96de67c4ad3863abe33a9
SHA1

5786e68382eb6eec432ca8a3109f61242b4c03d0
SHA256

9e38c0c3c516583da526016c4c6a671c53333d3d156562717db79eac63587522
SHA512

696100874eb5c1e65b81fd704afcae455c0f1d9a896d6050d4f35a7873e921348386c59ed8494fc48aed95bb8390f37026079de7039e2776646aaae4e7844cd2
SSDEEP

6144:TV9VhXLMjb8MUYTygw2CMgAHVoKStnCX7QyKGk8Pu5rcyOREjCGcMdRoYfTgvzzg:erhStC4Gwe1nMdRoYf7rTmeh6ZMGka9

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

t052

Decoy

ladybug-learning.com

unforgottenstory.com

oldmopaiv.xyz

natashaexim.com

hannahmcelgunn.com

retargetingmachines.info

njoconline.com

unicornlankadelivery.com

giftkerala.com

englishfordoctors.online

schatzilandrvresort.com

brujoisaac.com

basiccampinggear.com

escapees.today

dgyxsy888.com

stevebana.xyz

mimozakebap.com

ezdoff.com

pluumyspalace.com

shaoshanshan.com

Targets

- Target
  
  27db728c69c96de67c4ad3863abe33a9_JaffaCakes118
- Size
  
  1.0MB
- MD5
  
  27db728c69c96de67c4ad3863abe33a9
- SHA1
  
  5786e68382eb6eec432ca8a3109f61242b4c03d0
- SHA256
  
  9e38c0c3c516583da526016c4c6a671c53333d3d156562717db79eac63587522
- SHA512
  
  696100874eb5c1e65b81fd704afcae455c0f1d9a896d6050d4f35a7873e921348386c59ed8494fc48aed95bb8390f37026079de7039e2776646aaae4e7844cd2
- SSDEEP
  
  6144:TV9VhXLMjb8MUYTygw2CMgAHVoKStnCX7QyKGk8Pu5rcyOREjCGcMdRoYfTgvzzg:erhStC4Gwe1nMdRoYf7rTmeh6ZMGka9
Score

10^/10

formbook t052 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2