Overview

overview

10

Static

static

180120211200.exe

windows7_x64

10

180120211200.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    180120211200.exe

  • Size

    1.1MB

  • Sample

    210118-y8t9sj82yx

  • MD5

    293b5da09841ae1984a6478fd3caaf24

  • SHA1

    c903950fef8f029eda21f9bfe44f0c347471de35

  • SHA256

    29f154b8c244af71ad5dda7bee1e41896e78cf7e5f189219754962c10bcd4183

  • SHA512

    1f939e12af338e655444bf300ce0059a7eb2a67a5a4447282231ca41b5d48be8f8953a01cd551922006908383f2ee4df9f53ba745123f6bb152c3ee191b266bd

Score
10/10
formbookratspywarestealertrojan

Malware Config

Extracted

Family

formbook

C2

http://www.southsideflooringcreations.com/dkk/

Decoy

goldenfarmm.com

miproper.com

theutahan.com

efeteenerji.com

wellfarehealth.com

setricoo.com

enjoyablephotobooths.com

semaindustrial.com

jennywet.com

jackhughesart.com

cantgetryte.com

searko.com

zxrxhuny.icu

exoticorganicwine.com

fordexplorerproblems.com

locationwebtv.net

elinvoimainenperhe.com

mundoclik.com

nouvellenormale.com

talasnakliyat.com

Targets

    • Target

      180120211200.exe

    • Size

      1.1MB

    • MD5

      293b5da09841ae1984a6478fd3caaf24

    • SHA1

      c903950fef8f029eda21f9bfe44f0c347471de35

    • SHA256

      29f154b8c244af71ad5dda7bee1e41896e78cf7e5f189219754962c10bcd4183

    • SHA512

      1f939e12af338e655444bf300ce0059a7eb2a67a5a4447282231ca41b5d48be8f8953a01cd551922006908383f2ee4df9f53ba745123f6bb152c3ee191b266bd

    Score
    10/10
    formbookratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook Payload

      rat

    • Deletes itself

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks