formbook

General

Target

6de2089f_by_Libranalysis
Size

1.4MB
Sample

210503-rkbxwx7wcx
MD5

6de2089faacef5b512c7abb442388e3c
SHA1

5af74789c9fda2dd117a26ad59664e14d7bc64aa
SHA256

bccb5a69386e34c4c94dfe0932180377c333d0d1f0a65b52eb64a0cdc1974556
SHA512

0943521624cf61b883acfd6e2068b452b81bb5fe319e3aad2cf554c3e99cd865667f1918f025b609b97ce1baa97aa1ebb401bc80b77e41ee2b5055de09a5112d

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

C2

http://www.joomlas123.info/n7ak/

Decoy

audereventur.com

huro14.com

wwwjinsha155.com

antiquevendor.com

samuraisoulfood.net

traffic4updates.download

hypersarv.com

rapport-happy-wedding.com

rokutechnosupport.online

allworljob.com

hanaleedossmann.com

kauai-marathon.com

bepbosch.com

kangen-international.com

zoneshopemenowz.com

belviderewrestling.com

ipllink.com

sellingforcreators.com

wwwswty6655.com

qtumboa.com

Targets

- Target
  
  6de2089f_by_Libranalysis
- Size
  
  1.4MB
- MD5
  
  6de2089faacef5b512c7abb442388e3c
- SHA1
  
  5af74789c9fda2dd117a26ad59664e14d7bc64aa
- SHA256
  
  bccb5a69386e34c4c94dfe0932180377c333d0d1f0a65b52eb64a0cdc1974556
- SHA512
  
  0943521624cf61b883acfd6e2068b452b81bb5fe319e3aad2cf554c3e99cd865667f1918f025b609b97ce1baa97aa1ebb401bc80b77e41ee2b5055de09a5112d
Score

10^/10

formbook persistence rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

2

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Adds Run key to start application

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2