formbook

General

Target

Payment_receipt-jpg.exe
Size

205KB
Sample

210226-5jwyhp73ve
MD5

ff3e0ab57af118dc198c22762d82a853
SHA1

7f6cc3851f4e778abad04e910849d81321b3112b
SHA256

a557dd45c97fa26c318728d77a46ea6b69afba06d1cbdc00975fe27492c5f17a
SHA512

5f18d775b0357ada24682d52f61c558db585aa8e0a1ee65cde4292ea60835e718c0bcc8daad2f264ba39cfae068aca01b4b5092a9508a6f6b1822926892576e0

Score

10^/10

Malware Config

Extracted

Family

formbook

C2

http://www.t-delivery.com/c8bs/

Decoy

hiocast.com

osloelektriker.com

reneochoa.com

abtalna.com

inochishop.com

meetingsourcing.com

agatmato.com

subauth.com

enascenso2011.com

tapaticon.website

jpamoroso.com

theofficialgarciaapp.com

a7a2.xyz

6767998.info

travelloverstransfers.com

themetroatlantateam.com

cmilegacy.com

sportcardcon.com

signaturehosts.com

banhxeowraps.com

Targets

- Target
  
  Payment_receipt-jpg.exe
- Size
  
  205KB
- MD5
  
  ff3e0ab57af118dc198c22762d82a853
- SHA1
  
  7f6cc3851f4e778abad04e910849d81321b3112b
- SHA256
  
  a557dd45c97fa26c318728d77a46ea6b69afba06d1cbdc00975fe27492c5f17a
- SHA512
  
  5f18d775b0357ada24682d52f61c558db585aa8e0a1ee65cde4292ea60835e718c0bcc8daad2f264ba39cfae068aca01b4b5092a9508a6f6b1822926892576e0
Score

10^/10

formbook xloader loader rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Xloader
  Xloader is a rebranded version of Formbook malware.
  loader xloader
- Xloader Payload
  rat
- Executes dropped EXE
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Xloader

Xloader Payload

Executes dropped EXE

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2