formbook

General

Target

3.exe
Size

807KB
Sample

210913-kjayaagdem
MD5

b31db6d4d0fcb0a462723b7237afe716
SHA1

144d72ac115c4dc41323c9be5851edf7092f9781
SHA256

9599dc775b23d35f7e7603411551e0dad99126791b18982ac2e88584c607e214
SHA512

fc7b49b2c875600efc6fad2cb48237c58ec702bc0cca9e8a93baa43453fc53d5c10094408e5d2c9ec06a5278dac856dd677234dacff7f9974faf24ec38e06db9

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

3nop

C2

http://www.jakesplacebarbers.com/3nop/

Decoy

videohm.com

panache-rose.com

alnooncars-kw.com

trueblue2u.com

brussels-cafe.com

ip2c.net

influenzerr.com

rbcoq.com

zzful.com

drainthe.com

sumaholesson.com

cursosaprovados.com

genotecinc.com

dbrulhart.com

theapiarystudios.com

kensyu-kan.com

dkku88.com

tikhyper.com

aztecnort.com

homebrim.com

Targets

- Target
  
  3.exe
- Size
  
  807KB
- MD5
  
  b31db6d4d0fcb0a462723b7237afe716
- SHA1
  
  144d72ac115c4dc41323c9be5851edf7092f9781
- SHA256
  
  9599dc775b23d35f7e7603411551e0dad99126791b18982ac2e88584c607e214
- SHA512
  
  fc7b49b2c875600efc6fad2cb48237c58ec702bc0cca9e8a93baa43453fc53d5c10094408e5d2c9ec06a5278dac856dd677234dacff7f9974faf24ec38e06db9
Score

10^/10

formbook 3nop rat spyware stealer suricata trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata: ET MALWARE FormBook CnC Checkin (GET)
  suricata
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

1

T1059

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

suricata: ET MALWARE FormBook CnC Checkin (GET)

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2