formbook

General

Target

SecuriteInfo.com.Trojan.Win32.Save.a.9130.4062
Size

913KB
Sample

210507-3m1wgew23e
MD5

52289e533348a695d881c6df2d895f5e
SHA1

2cc712357a0d94f590eb126f2697373d9cca4ea1
SHA256

7653e46e3326fbabf9e534cbd02600f87ad38b5c9e4e175a60e27a6d90c5e6fe
SHA512

f456b1d29ed931fdc067973b76e586fd942baa0a26218c76cb2ea72a557e6fbaceba005846b366d3b3a998771e16e5b22147fcf4295a369da2240fe22a2d1b98

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

C2

http://www.conciergedoctx.com/ot8m/

Decoy

digiclan.net

songlautramtuoii.online

miracleseedproducts.com

taniacastillo.com

essentialme.network

charmcitydetour.com

suprekopis.com

jimmycollier.com

thrifteee.com

rhmachinery.ltd

the05project.com

altfacebookalt.com

ein-herz-fuer-holz.com

kingohost.com

vmarines.com

2bestudio.com

triducdv.com

kp-transport.com

mybostonhwart.com

benzcat.net

Targets

- Target
  
  SecuriteInfo.com.Trojan.Win32.Save.a.9130.4062
- Size
  
  913KB
- MD5
  
  52289e533348a695d881c6df2d895f5e
- SHA1
  
  2cc712357a0d94f590eb126f2697373d9cca4ea1
- SHA256
  
  7653e46e3326fbabf9e534cbd02600f87ad38b5c9e4e175a60e27a6d90c5e6fe
- SHA512
  
  f456b1d29ed931fdc067973b76e586fd942baa0a26218c76cb2ea72a557e6fbaceba005846b366d3b3a998771e16e5b22147fcf4295a369da2240fe22a2d1b98
Score

10^/10

formbook rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2