formbook

General

Target

SecuriteInfo.com.Trojan.PackedNET.509.17348.8214
Size

1.2MB
Sample

210119-naj9wtjyc2
MD5

1eea31c7530595a01a054ad9f86b9dc3
SHA1

f1512ab3aee1acfc11c86706f1f780ffef881d71
SHA256

a68a5c0f7b3fcd4b0da8f24992a3d4d020e72d630e83947de700a02688fce48b
SHA512

9a47e28732c4565797b66a856a2d237f2abc02ffcfd317ca2eed9b5aa174ed1b14bbd3a203b1c8a33090c303235248218dcd3e310c6e0aabcd0d7018f6199654

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.unitedfootballcamps.com/bf3/

Decoy

ecatcom.com

what3emoji.com

primbathandbody.com

yt-itclub.com

newbieeer.com

getyoursofa.com

mexicanitems.info

catalogcardgames.net

leagueofwomengolfers.com

gvanmp.com

midnightsunhi.com

cnluma.com

sunsetcherrydesigns.com

cosmoproturkey.com

inifinityapps.net

making50masks.com

battalionice.com

uk-calculation.net

frosteatlove.com

bs-mag.com

Targets

- Target
  
  SecuriteInfo.com.Trojan.PackedNET.509.17348.8214
- Size
  
  1.2MB
- MD5
  
  1eea31c7530595a01a054ad9f86b9dc3
- SHA1
  
  f1512ab3aee1acfc11c86706f1f780ffef881d71
- SHA256
  
  a68a5c0f7b3fcd4b0da8f24992a3d4d020e72d630e83947de700a02688fce48b
- SHA512
  
  9a47e28732c4565797b66a856a2d237f2abc02ffcfd317ca2eed9b5aa174ed1b14bbd3a203b1c8a33090c303235248218dcd3e310c6e0aabcd0d7018f6199654
Score

10^/10

formbook rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1

T1012

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2