formbook

General

Target

detalles del pedido.scr
Size

417KB
Sample

211008-j6aeladfe6
MD5

59ad493c574e19a8401ffe35ae5f09db
SHA1

2c6d484c97e9b16958a768aa0599ab1905eb809e
SHA256

d54e341578828a215bbe78db4f2dc64a5388d4ce3bc7d6488f7bafb8c6b02d1c
SHA512

a10e7cc5758ee1efaab6b6fd29ce8640b78a8423b264c4d8710b51d5a64f41aa5f9c45ca4cb88c2a824d1c17f15d8981fa69d591f02432d9eec1d4272ffc3300

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

dn7r

C2

http://www.yourherogarden.net/dn7r/

Decoy

eventphotographerdfw.com

thehalalcoinstaking.com

philipfaziofineart.com

intercoh.com

gaiaseyephotography.com

chatbotforrealestate.com

lovelancemg.com

marlieskasberger.com

elcongoenespanol.info

lepirecredit.com

distribution-concept.com

e99game.com

exit11festival.com

twodollartoothbrushclub.com

cocktailsandlawn.com

performimprove.network

24horas-telefono-11840.com

cosmossify.com

kellenleote.com

perovskite.energy

Targets

- Target
  
  detalles del pedido.scr
- Size
  
  417KB
- MD5
  
  59ad493c574e19a8401ffe35ae5f09db
- SHA1
  
  2c6d484c97e9b16958a768aa0599ab1905eb809e
- SHA256
  
  d54e341578828a215bbe78db4f2dc64a5388d4ce3bc7d6488f7bafb8c6b02d1c
- SHA512
  
  a10e7cc5758ee1efaab6b6fd29ce8640b78a8423b264c4d8710b51d5a64f41aa5f9c45ca4cb88c2a824d1c17f15d8981fa69d591f02432d9eec1d4272ffc3300
Score

10^/10

formbook dn7r rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Deletes itself
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Deletes itself

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2