formbook

General

Target

7nMMSdGgCXAfKsb.exe
Size

931KB
Sample

210118-g876544t1a
MD5

50439fc35eaebb32f1fdeba8ef12e7c2
SHA1

689a97e2c83d0e84aeca38c1330245149ef5ed0d
SHA256

65ca40e44ab6171794b0c81d8b80122604eff3aca4614901fcd30db1a5329cfb
SHA512

a80705235bbadac3c1d12d953016ddcb9ada91b28f442e61c5bc24babe7b0a39df9874fdbcc1687f28e594fc959b990a5a20be9ddb3f4540257964a1938ee9f0

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.besteprobioticakopen.online/uszn/

Decoy

animegriptape.com

pcpnetworks.com

putupmybabyforadoption.com

xn--jvrr98g37n88d.com

fertinvitro.doctor

undonethread.com

avoleague.com

sissysundays.com

guilhermeoliveiro.site

catholicon-bespeckle.info

mardesuenosfundacion.com

songkhoe24.site

shoecityindia.com

smallbathroomdecor.info

tskusa.com

prairiespringsllc.com

kegncoffee.com

clicklounge.xyz

catholicendoflifeplanning.com

steelobzee.com

Targets

- Target
  
  7nMMSdGgCXAfKsb.exe
- Size
  
  931KB
- MD5
  
  50439fc35eaebb32f1fdeba8ef12e7c2
- SHA1
  
  689a97e2c83d0e84aeca38c1330245149ef5ed0d
- SHA256
  
  65ca40e44ab6171794b0c81d8b80122604eff3aca4614901fcd30db1a5329cfb
- SHA512
  
  a80705235bbadac3c1d12d953016ddcb9ada91b28f442e61c5bc24babe7b0a39df9874fdbcc1687f28e594fc959b990a5a20be9ddb3f4540257964a1938ee9f0
Score

10^/10

formbook xloader loader rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2