formbook

General

Target

5ee375628c34cd0aa0833e24bc31087a
Size

1.2MB
Sample

210816-1ksxr7snsn
MD5

5ee375628c34cd0aa0833e24bc31087a
SHA1

1d8c406871a1969850fd31883f23b56cb0bf0380
SHA256

dfe96798a6065c99050d1cb964200874b40e3916f90e3caed35df9ace3dc3198
SHA512

8b2d3401ebdb16d0ccfd7daa80344e1c0970720da2b12899af6482828ab7fc353b462b3b252dc7b0177a320b1a75bb537c439b64ea7c683e299e7a2e48873b70

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

kzk9

C2

http://www.yourmajordomo.com/kzk9/

Decoy

tianconghuo.club

1996-page.com

ourtownmax.net

conservativetreehose.com

synth.repair

donnachicacreperia.com

tentfull.com

weapp.download

surfersink.com

gattlebusinessservices.com

sebastian249.com

anhphuc.company

betternatureproducts.net

defroplate.com

seattlesquidsquad.com

polarjob.com

lendingadvantage.com

angelsondope.com

goportjitney.com

tiendagrupojagr.com

Targets

- Target
  
  5ee375628c34cd0aa0833e24bc31087a
- Size
  
  1.2MB
- MD5
  
  5ee375628c34cd0aa0833e24bc31087a
- SHA1
  
  1d8c406871a1969850fd31883f23b56cb0bf0380
- SHA256
  
  dfe96798a6065c99050d1cb964200874b40e3916f90e3caed35df9ace3dc3198
- SHA512
  
  8b2d3401ebdb16d0ccfd7daa80344e1c0970720da2b12899af6482828ab7fc353b462b3b252dc7b0177a320b1a75bb537c439b64ea7c683e299e7a2e48873b70
Score

10^/10

formbook kzk9 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2