Automated Malware Analysis - Joe Sandbox Cloud Basic

Threat	Antivirus	Time & Date	Name
FormBook	33%	02.07.2020 10:16:43	URGENT INQUIRY.exe
FormBook	15%	26.06.2020 13:00:21	6757Maersk Documents65678.xlsx
FormBook	18%	26.06.2020 12:59:58	8976547shipping docs45890.exe
FormBook	68%	24.06.2020 03:50:44	RFQ.exe.exe
FormBook	24%	23.06.2020 17:51:17	PO.exe
FormBook	35%	19.06.2020 13:46:22	quote#838.pdf.xlsm
FormBook	27%	16.06.2020 12:04:13	URGENT PRODUCTS WE NEED.pif.exe
FormBook	1%	16.06.2020 10:16:25	Invoice_CAII00008052.exe
FormBook	9%	15.06.2020 12:39:13	PO 42.xlsx
FormBook	35%	11.06.2020 18:02:14	druS9vVaUK.exe
FormBook	38%	10.06.2020 13:35:29	168768566-104646-sdfnt5-8.exe
FormBook GuLoader	29%	10.06.2020 08:54:48	CI-BL202006-10.jpg.exe
FormBook	30%	08.06.2020 22:07:06	COVID-19 FUNDING ELIGIBILITY FORM.doc
FormBook	37%	08.06.2020 19:19:33	ewuTygg1Bw.exe
FormBook GuLoader	63%	08.06.2020 05:51:17	order.exe.exe
FormBook	1%	04.06.2020 18:29:40	9ddd272a4f0ab26dd56ab3caa8968feee9989982463cff9486c395f7361abbd5-cleaned.exe
FormBook GuLoader	44%	04.06.2020 09:51:49	sample.exe
FormBook GuLoader	44%	04.06.2020 09:51:00	sample.exe
FormBook	48%	04.06.2020 09:22:16	Scan_06032020.exe
FormBook	22%	03.06.2020 20:17:34	TGSKU7q5IQ.exe

Windows:

InjectsHas kernel mode componentDrops PE FilesHas more than one ProcessHas Email attachmentDisassembly is available

Android: Receives SMS Sends SMS Reboot Native CMD

Common: Generates Internet Traffic Generates HTTP Network Traffic Expired Sample

Search results for "threatnames:FormBook" (limited to max. 20)