formbook

General

Target

f3d7308ba02ae2418b7133bb54af2f2f.exe
Size

1.0MB
Sample

210119-5tlat8x6ga
MD5

f3d7308ba02ae2418b7133bb54af2f2f
SHA1

abc7f14b9c5305c7d127ad53d0f0c9cd17af3b07
SHA256

2ad7e15e59c05d71f2682a81f2bf2872eb4421b343a4c4b96748a31064445494
SHA512

a4254e767a3eeb26783fc31b75f4e561938ce3b43f4872ae24f12b0f9ec421f2ac3b3c659f35da560bc247686658edfa4155ba8c08a2621b45237f14e234855c

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.rizrvd.com/bw82/

Decoy

fundamentaliemef.com

gallerybrows.com

leadeligey.com

octoberx2.online

climaxnovels.com

gdsjgf.com

curateherstories.com

blacksailus.com

yjpps.com

gmobilet.com

fcoins.club

foreverlive2027.com

healthyfifties.com

wmarquezy.com

housebulb.com

thebabyfriendly.com

primajayaintiperkasa.com

learnplaychess.com

chrisbubser.digital

xn--avenr-wsa.com

Targets

- Target
  
  f3d7308ba02ae2418b7133bb54af2f2f.exe
- Size
  
  1.0MB
- MD5
  
  f3d7308ba02ae2418b7133bb54af2f2f
- SHA1
  
  abc7f14b9c5305c7d127ad53d0f0c9cd17af3b07
- SHA256
  
  2ad7e15e59c05d71f2682a81f2bf2872eb4421b343a4c4b96748a31064445494
- SHA512
  
  a4254e767a3eeb26783fc31b75f4e561938ce3b43f4872ae24f12b0f9ec421f2ac3b3c659f35da560bc247686658edfa4155ba8c08a2621b45237f14e234855c
Score

10^/10

formbook xloader loader rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2