formbook

General

Target

00882320002344-SwiftAdvice_pdf.exe
Size

188KB
Sample

210119-jne4ssrw3s
MD5

9d7290bbe5611ee57a7604cbea3518f0
SHA1

d19769d9fb9970253f55decb8227b9d367eb78ba
SHA256

bfe365fae8e14aae158de051972efe75103b705f7d8cf84061f857d79bb1993b
SHA512

ab1e24e23770b35b5d32e2dd4b03f2e9be6fecbd3ce6987575a518d179aaab7aa9e0456ac90f0e7d8d90d067abc299d61f35b0973687463c4a458423c9e07ad0

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.floridaretaildevelopment.com/uoyd/

Decoy

precisehomeremodelinginc.com

brettslegal.com

mannokpackaging.com

syne.site

home-style-bg.com

testowadomena.com

postgrestosnowflake.com

costumes4babies.com

justcallkerriann.fyi

justbealegend.com

jnfwmy.com

cbuksdei.com

jehflrtic.icu

changefio.net

ka30066.com

hagusto.com

eastpeakessentials.com

upsppreworkcheck.com

duraghenni.com

joshadlesperger.com

Targets

- Target
  
  00882320002344-SwiftAdvice_pdf.exe
- Size
  
  188KB
- MD5
  
  9d7290bbe5611ee57a7604cbea3518f0
- SHA1
  
  d19769d9fb9970253f55decb8227b9d367eb78ba
- SHA256
  
  bfe365fae8e14aae158de051972efe75103b705f7d8cf84061f857d79bb1993b
- SHA512
  
  ab1e24e23770b35b5d32e2dd4b03f2e9be6fecbd3ce6987575a518d179aaab7aa9e0456ac90f0e7d8d90d067abc299d61f35b0973687463c4a458423c9e07ad0
Score

10^/10

formbook xloader loader rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2