IOC Radar
TLP:WHITE | 8 IOCs

Malware Analysis — Formbook

0xMrMagnezi
Published April 1, 2024 | Original Report

Malware Families

Diamond Model

Axes: social, technology
Adversary: unknown
Infrastructure (1): mail.agagroup.lv
Capability (1): FormBook
Victim: unknown

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

| Type | Indicator | Tags | Confidence | Score | First Seen |
|---|---|---|---|---|---|
| MD5 | 2effd68ca29fb310fbe40749eb566d0e | apt, espionage, file-hash | Medium | 53 | Jun 2, 26 |
| MD5 | f362f6f1dd0d9521752008cb1789a699 | file-hash, intel-blog, malware | Medium | 53 | Jun 2, 26 |
| Domain | mail.agagroup.lv | exfiltration, intel-blog, malware | High | 58 | Jun 2, 26 |
| Email | [email protected] | email, exfiltration, intel-blog | High | 58 | Jun 2, 26 |
| SHA256 | 463b92101e5f2912781dd6eb61374b97f14fb27b6fe05c0ef3fb734d8ef4d4ec | apt, espionage, file-hash | Medium | 53 | Jun 2, 26 |
| MD5 | cbd924de2846331d88a342757c53fe08 | exfiltration, file-hash, intel-blog | Medium | 53 | Jun 2, 26 |
| Email | [email protected] | email, exfiltration, intel-blog | High | 58 | Jun 2, 26 |
| MD5 | 56e3f56dda234344fb2799c10727e642 | apt, espionage, file-hash | Medium | 53 | Jun 2, 26 |