formbook

General

Target

SecuriteInfo.com.Artemis9384F39577D5.29456
Size

1.4MB
Sample

210119-b5darlalyj
MD5

9384f39577d50f51a122e2f3d1d875c0
SHA1

0628101eede7f441ec56217d0acee716b24a3ba0
SHA256

9787e886d7536b9343db7b8b78a9f87f5177b5d11460130d2aced11ccb44de8f
SHA512

882944adbe708490b28c4f15f43597e4760b819c040728f9dced69f9063cc08dd2e6b5bd45e00416a4f503cdfa3c994a9710f7a72eaf4735df18c14f893d05f9

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.learnhour.net/eaud/

Decoy

modshiro.com

mademarketingoss.com

austinjourls.info

wayupteam.com

crossingfinger.com

interseptors.com

gigashit.com

livetigo.com

halamankuningindonesia.com

windhammills.com

aylinahmet.com

mbacexonan.website

shopboxbarcelona.com

youyeslive.com

coonlinesportsbooks.com

guorunme.com

putlocker2.site

pencueaidnetwork.com

likevector.com

vulcanudachi-proclub.com

Targets

- Target
  
  SecuriteInfo.com.Artemis9384F39577D5.29456
- Size
  
  1.4MB
- MD5
  
  9384f39577d50f51a122e2f3d1d875c0
- SHA1
  
  0628101eede7f441ec56217d0acee716b24a3ba0
- SHA256
  
  9787e886d7536b9343db7b8b78a9f87f5177b5d11460130d2aced11ccb44de8f
- SHA512
  
  882944adbe708490b28c4f15f43597e4760b819c040728f9dced69f9063cc08dd2e6b5bd45e00416a4f503cdfa3c994a9710f7a72eaf4735df18c14f893d05f9
Score

10^/10

formbook xloader loader rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2