formbook

General

Target

uzorci proizvoda.exe.xz
Size

318KB
Sample

210728-61lvb6yv8e
MD5

4a16891a607ad8b6f5dbec458f40d1dc
SHA1

f3a48d0d5826e47530d6feb98451f09708218939
SHA256

5349b24a5d638dc5ea785d7b5cb5c5269865fbfaacef71f4fbb7d78c09d20dc6
SHA512

464c6e3b50b99b6be4ae66a374c7c67d8e890d9f61882cbcac1ef5002d353518ad93b1e3cdf473c1fa53432c4fcb1152b8764ae8dd91568dc1224530ff8fb2a1

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

C2

http://www.kmresults.com/n7ak/

Decoy

modischoolcbse.com

theneverwinter.com

rszkjx-vps-hosting.website

fnihil.com

1pbet.com

nnowzscorrez.com

uaotgvjl.icu

starmapsqatar.com

ekisilani.com

extradeepsheets.com

jam-nins.com

buranly.com

orixentertainment.com

rawtech.energy

myol.guru

utex.club

jiapie.com

wowig.store

wweidlyyl.com

systaskautomation.com

Targets

- Target
  
  uzorci proizvoda.exe
- Size
  
  871KB
- MD5
  
  23edaa5eedb3e86821231fc4d9203282
- SHA1
  
  75473cf5a6ed1b319d724319c0640a287e0151dd
- SHA256
  
  85c06f810a8b5bcd96b37ba755521d19149c2d43bbd47317dbd0aa5e522af635
- SHA512
  
  0d7e43cb653ad4832e61f5cadc8137217700670e20a318136bcf298c1f97aa55e3ae026252fe7888e99f880d62ea446c3a9933b5bfe4c58033073d1afef525e9
Score

10^/10

formbook rat spyware stealer suricata trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2