formbook

General

Target

fe05b70ac1361d66568c7b733fbf4d0a.exe
Size

1.1MB
Sample

210114-m1mjh5byta
MD5

fe05b70ac1361d66568c7b733fbf4d0a
SHA1

f9271f132ffad3121c9d03c4f770b84479800d87
SHA256

204cd2ef2cb64300f46ba8ce7dae3507b6861cd9225e3bae6fc2303360585ef4
SHA512

d5ad1afe33b320592780c0ff1ad6f9e8a5c7907c1409f79c543842938f6f50836ed276e336a37434b9d09e778c7920ad0033fd0182790ce89e8b1b6af7c44eba

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.rizrvd.com/bw82/

Decoy

fundamentaliemef.com

gallerybrows.com

leadeligey.com

octoberx2.online

climaxnovels.com

gdsjgf.com

curateherstories.com

blacksailus.com

yjpps.com

gmobilet.com

fcoins.club

foreverlive2027.com

healthyfifties.com

wmarquezy.com

housebulb.com

thebabyfriendly.com

primajayaintiperkasa.com

learnplaychess.com

chrisbubser.digital

xn--avenr-wsa.com

Targets

- Target
  
  fe05b70ac1361d66568c7b733fbf4d0a.exe
- Size
  
  1.1MB
- MD5
  
  fe05b70ac1361d66568c7b733fbf4d0a
- SHA1
  
  f9271f132ffad3121c9d03c4f770b84479800d87
- SHA256
  
  204cd2ef2cb64300f46ba8ce7dae3507b6861cd9225e3bae6fc2303360585ef4
- SHA512
  
  d5ad1afe33b320592780c0ff1ad6f9e8a5c7907c1409f79c543842938f6f50836ed276e336a37434b9d09e778c7920ad0033fd0182790ce89e8b1b6af7c44eba
Score

10^/10

formbook xloader loader rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2