formbook

General

Target

20211015168444093723.iso
Size

322KB
Sample

211015-vt9jpsbbf9
MD5

e070b8910baf045ad7b5c1520165b21f
SHA1

b2b991504b74ccfaf3e3fdb415cf08fb3b004fde
SHA256

80db1952d4072b26cd44506d916c33b020a7cd8f85150d59725e2a4602a21a60
SHA512

02249749a63dcbd138b4513598407e20ae2911e1dc0a0d474dd49e12cd0ca25e9f75acce1461622dc0df5cfdd833dd7f6ef8e9113904b64eefff2c7624f14820

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

nd1w

C2

http://www.ahlongpteltd.com/nd1w/

Decoy

cartographieinterieure.store

de-tanautorisierung-6439.xyz

maxisezon.com

spottsalodio.xyz

thesocialguild.net

petemergencydoctor.com

czhtfmgj.com

incontrilocalimilano.com

132kingrd.com

clearviewsatellitesolutions.com

shopingmanplus.com

compuserviciosway.com

millportservicesltd.com

ticketinsurey.club

metro-club.com

aboutpoliticsofatom.com

brebawake.com

yurteam.com

dropadoo.com

wcsaroma2012.com

Targets

- Target
  
  20211015168444093723.exe
- Size
  
  261KB
- MD5
  
  4452b76f214c4a5f5e520e579da088d8
- SHA1
  
  fcad7662120fe40c1a7dc052e40be8e67dfd7a93
- SHA256
  
  51f987ef74839fa7ba0b2c959aee7ad244c30231259bc22b4b778a71760e7262
- SHA512
  
  32ed1bcd1385d105bcb2d0eba49e85fc71f15687bc42ce9eb80d9351d1e363c93c35f7589a0b013cb03f352dc4d50fc32c6c347f1cd6fa528e9b73e5d34d7482
Score

10^/10

formbook nd1w rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Deletes itself

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2