formbook

General

Target

c730921135664017f59128d4de5d43f9
Size

403KB
Sample

211020-x28ngshee4
MD5

c730921135664017f59128d4de5d43f9
SHA1

bbd989e702ce50e372fa492985d7e04767fbef96
SHA256

d6a8c5f4120e3be2e6d676d808dbdadc074f811398ac5b03878baba7275137d4
SHA512

19cf744db3bc38b6eec0e70e86ce0a4cb4bb0bc31c7da663782215d5c254ffe73bd0e58edfcfd6d80c265320356ed8b9aa378c311e92e6b845f00b819ad5d43e

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

gr1c

C2

http://www.illusiontrick.com/gr1c/

Decoy

soakyourgrains.com

duwego.com

aenkdesign.com

bikabbziu.xyz

thesawyerlegacy.com

koreanmodelbj.xyz

exceed-standards.com

syirsve.com

sachisushimontreal.com

thegalwaykitchen.com

accarwash-hub.com

connectwithmentor.com

luftfundament.online

ibrahimkaracan.com

biggersinsurance.com

desellon.com

tvnewscloset.com

digital-dre.com

ingocg.com

fernanda-ortiz.com

Targets

- Target
  
  c730921135664017f59128d4de5d43f9
- Size
  
  403KB
- MD5
  
  c730921135664017f59128d4de5d43f9
- SHA1
  
  bbd989e702ce50e372fa492985d7e04767fbef96
- SHA256
  
  d6a8c5f4120e3be2e6d676d808dbdadc074f811398ac5b03878baba7275137d4
- SHA512
  
  19cf744db3bc38b6eec0e70e86ce0a4cb4bb0bc31c7da663782215d5c254ffe73bd0e58edfcfd6d80c265320356ed8b9aa378c311e92e6b845f00b819ad5d43e
Score

10^/10

formbook gr1c rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2