formbook

General

Target

Produktmuster bestellen pdf.exe.xz
Size

237KB
Sample

210924-qkh8yahbb3
MD5

605ace59653713e15a265663fa353f8d
SHA1

b1f233d91f9846f4f935da37e3aded2bf37496b3
SHA256

bb563dd32da362223391bcab4ce944176a91743e3d686284b46c7166feffc9c0
SHA512

cdb0392a109d008c429a7c74422f7b1a3d8c3086a504b3abf1d5f207ea9cff1be15ce6b341d4fbab40f192c3b91ef108f4ed565a886e0a9185353c812b744768

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

n7ak

C2

http://www.kmresults.com/n7ak/

Decoy

modischoolcbse.com

theneverwinter.com

rszkjx-vps-hosting.website

fnihil.com

1pbet.com

nnowzscorrez.com

uaotgvjl.icu

starmapsqatar.com

ekisilani.com

extradeepsheets.com

jam-nins.com

buranly.com

orixentertainment.com

rawtech.energy

myol.guru

utex.club

jiapie.com

wowig.store

wweidlyyl.com

systaskautomation.com

Targets

- Target
  
  Produktmuster bestellen pdf.exe
- Size
  
  841KB
- MD5
  
  5ca062106a36b73b0eaffd7170d6b239
- SHA1
  
  fe5ab18a5e48988fd36b1318d4d1416d1f7014a6
- SHA256
  
  ff163e8cfe858604b414adc36790c2b81d59efe58b4b3bb3628893828f8dbdab
- SHA512
  
  c96de515f577f2b708423c82632403d4215f911d89100ba213950111e61f50a3690fef55290322febbb00516a43c3e2bb46a8008a36ea28ad2ba234114842b63
Score

10^/10

formbook n7ak rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2