Overview

overview

10

Static

static

SCAN_20210...69.exe

windows7_x64

10

SCAN_20210...69.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SCAN_20210112140930669.exe

  • Size

    837KB

  • Sample

    210112-h6wx49xpw6

  • MD5

    0d7f35bd5d0a8f5e0b52db592ab5509c

  • SHA1

    5300466a9a3ca11e3f90785ed8a13115e200def6

  • SHA256

    f49e50532a7e5d312f8429c41e28848461651f671139a7590b64d9df029db998

  • SHA512

    978f2d13f77d724a780fe33a5740b1735d95b03dae0e6a273cbf1101d13c8e3c7981b219433975ff42db7f97488b1868aa990d660713f702568e411ffc9b00f3

Score
10/10
formbookratspywarestealertrojan

Malware Config

Extracted

Family

formbook

C2

http://www.midnightblueinc.com/2kf/

Decoy

edmondscakes.com

doublewldr.online

tickets2usa.com

heyhxry.com

weightloss-gulfport.com

prosselius.com

newviewroofers.com

jacksonarearealestate.com

catparkas.xyz

pagos2020.com

sonwsefjrahi.online

franchisethings.com

nuocvietngaynay.com

sohelvai.com

mikeyroush.com

lamesaroofing.com

betbigo138.com

amazon-service-recovery.com

clockin.net

riostrader.com

Targets

    • Target

      SCAN_20210112140930669.exe

    • Size

      837KB

    • MD5

      0d7f35bd5d0a8f5e0b52db592ab5509c

    • SHA1

      5300466a9a3ca11e3f90785ed8a13115e200def6

    • SHA256

      f49e50532a7e5d312f8429c41e28848461651f671139a7590b64d9df029db998

    • SHA512

      978f2d13f77d724a780fe33a5740b1735d95b03dae0e6a273cbf1101d13c8e3c7981b219433975ff42db7f97488b1868aa990d660713f702568e411ffc9b00f3

    Score
    10/10
    formbookratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook Payload

      rat

    • Deletes itself

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks