formbook

General

Target

8fb76e6c9b652646d7c1f7f377c97cbd.exe
Size

1.0MB
Sample

210113-wtqmqz6vj6
MD5

8fb76e6c9b652646d7c1f7f377c97cbd
SHA1

087721c9ad24c3895e66186c208512706b64f025
SHA256

81e7927ab5ca518d06687dc18d5c4df22198011494322486e562136344d2513b
SHA512

cfb1aa684ea4be725ec7c63cb6477404f7a591b017743866e77afea9f39fd1c117af614b3654d21652f43ffcad31ad63bd93981ef17dc37157e3b4be1f6bdb8b

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.h-v-biz.com/c8so/

Decoy

floeperformancegear.com

youtubeincreaser.com

cbb-is.com

bullsbikeusa.com

mama-asobitai.com

parkdaleliving.com

kinneintl.com

byrondramos.com

topangashaman.com

channel1057.com

nuancedigitalsolutions.com

kumheekim.com

erikating.com

ulinekorea.com

giftoes.com

blacknation.info

eventsdonevirtually.com

mx190501.com

bingent.info

seronofertilitymeds.com

Targets

- Target
  
  8fb76e6c9b652646d7c1f7f377c97cbd.exe
- Size
  
  1.0MB
- MD5
  
  8fb76e6c9b652646d7c1f7f377c97cbd
- SHA1
  
  087721c9ad24c3895e66186c208512706b64f025
- SHA256
  
  81e7927ab5ca518d06687dc18d5c4df22198011494322486e562136344d2513b
- SHA512
  
  cfb1aa684ea4be725ec7c63cb6477404f7a591b017743866e77afea9f39fd1c117af614b3654d21652f43ffcad31ad63bd93981ef17dc37157e3b4be1f6bdb8b
Score

10^/10

formbook xloader loader rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

1

T1053

Persistence

Scheduled Task

1

T1053

Privilege Escalation

Scheduled Task

1

T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2