formbook

General

Target

24f9d7832d2ec8673c62aea51e58717e.exe
Size

891KB
Sample

210119-nk54pz2f1x
MD5

24f9d7832d2ec8673c62aea51e58717e
SHA1

782d70219eda646b7b134e26bd41ac71b90800f2
SHA256

7b5c683c8f9571d55f21bdd73cec4b0f39a169265e58c5877ca94203e61548af
SHA512

f20fab6b7de97b2b95088f5684ab50c074645259672685429189bbef158515ae392c212f5a15fd23bdc0e11b764ff45f4a1f2d98765f63ab58034ff9c0f965b0

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.rizrvd.com/bw82/

Decoy

fundamentaliemef.com

gallerybrows.com

leadeligey.com

octoberx2.online

climaxnovels.com

gdsjgf.com

curateherstories.com

blacksailus.com

yjpps.com

gmobilet.com

fcoins.club

foreverlive2027.com

healthyfifties.com

wmarquezy.com

housebulb.com

thebabyfriendly.com

primajayaintiperkasa.com

learnplaychess.com

chrisbubser.digital

xn--avenr-wsa.com

Targets

- Target
  
  24f9d7832d2ec8673c62aea51e58717e.exe
- Size
  
  891KB
- MD5
  
  24f9d7832d2ec8673c62aea51e58717e
- SHA1
  
  782d70219eda646b7b134e26bd41ac71b90800f2
- SHA256
  
  7b5c683c8f9571d55f21bdd73cec4b0f39a169265e58c5877ca94203e61548af
- SHA512
  
  f20fab6b7de97b2b95088f5684ab50c074645259672685429189bbef158515ae392c212f5a15fd23bdc0e11b764ff45f4a1f2d98765f63ab58034ff9c0f965b0
Score

10^/10

formbook xloader loader rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader

Xloader Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2