formbook

General

Target

c1a46cb393041dbeb3aa1355d76232c7.exe
Size

1.0MB
Sample

210113-8pp76pmwwn
MD5

c1a46cb393041dbeb3aa1355d76232c7
SHA1

f2573d8ae24aa2a4a24e6a3ed6170cdd29658211
SHA256

e49c51a6864bf50e27baca58c5a2420046cae1803c5e0338af152b50d0dcc215
SHA512

f6fe4d189141e7f0f867f1fdc55211c36ac810d290d84e8fa42b74e22a956e77b23f35f7c92040618c9e74028d197ca1045b033cfe15a099c5dcc22d92f7b076

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.classifoods.com/oean/

Decoy

keboate.club

whitehatiq.com

loimtech.com

icaroagencia.com

snigglez.com

noreservationsxpress.com

villacascabel.com

5037adairway.com

growingequity.fund

stafffully.com

bingent.info

tmssaleguarantee.com

neonatalfeedrates.com

george-beauty.com

oraghallaighjourney.net

zunutrition.com

sylkysmooveentertainment.com

ddmns6tzey2d.com

dvcstay.com

304shaughnessygreen.info

Targets

- Target
  
  c1a46cb393041dbeb3aa1355d76232c7.exe
- Size
  
  1.0MB
- MD5
  
  c1a46cb393041dbeb3aa1355d76232c7
- SHA1
  
  f2573d8ae24aa2a4a24e6a3ed6170cdd29658211
- SHA256
  
  e49c51a6864bf50e27baca58c5a2420046cae1803c5e0338af152b50d0dcc215
- SHA512
  
  f6fe4d189141e7f0f867f1fdc55211c36ac810d290d84e8fa42b74e22a956e77b23f35f7c92040618c9e74028d197ca1045b033cfe15a099c5dcc22d92f7b076
Score

10^/10

formbook xloader loader rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2