formbook

General

Target

RE SHIPPING DOCS MNL 1X20GP+1X40HC ETD27012021pdf.exe
Size

1.4MB
Sample

210119-n2fqchfkc2
MD5

d4318c1bca3df9f7cf9dd429da7fe4c6
SHA1

bdfcb11a49b358d3c95a3ba8dfdb7757512234fb
SHA256

458bd08f0c32719adc9d2858721b609b136ff0e21c2f3ac3f4be4f97e4084b7a
SHA512

afec2d60fcdece43e7b1ef33c6278d06916f5a8163756babb8c5c89350c98cd0aed2d6456f037697240436c4a7417d7199abd364fad6f575102b4ef5fc82590f

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.thedilleyo.com/kb8/

Decoy

goodsforbuilders.com

dafuhe.com

parapharmacity.com

montclairymcamotionvibe.com

jamesmccloudart.com

reignfallentertainment.com

couplesforequality.com

pitchbop.com

minipresspaperco.com

venoam.com

so-paradise.com

surgeryprovider.com

donaldscareers.com

disney-funlife.com

biosolo.net

themodsmith.net

grandhawaiian.com

11mountains.com

immatesearch.com

stochastichq.com

Targets

- Target
  
  RE SHIPPING DOCS MNL 1X20GP+1X40HC ETD27012021pdf.exe
- Size
  
  1.4MB
- MD5
  
  d4318c1bca3df9f7cf9dd429da7fe4c6
- SHA1
  
  bdfcb11a49b358d3c95a3ba8dfdb7757512234fb
- SHA256
  
  458bd08f0c32719adc9d2858721b609b136ff0e21c2f3ac3f4be4f97e4084b7a
- SHA512
  
  afec2d60fcdece43e7b1ef33c6278d06916f5a8163756babb8c5c89350c98cd0aed2d6456f037697240436c4a7417d7199abd364fad6f575102b4ef5fc82590f
Score

10^/10

formbook rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

1

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Deletes itself

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2