formbook

General

Target

Factura de proforma pdf.exe.xz
Size

405KB
Sample

211026-y6j2csace5
MD5

e05521a7a033b62d8f207337de85f51f
SHA1

88d58dd2203794c9d682b1a8aa9af2fcda3b79eb
SHA256

8f515e0d3392a63a17de79305c5126f3cde691ebb5cffc97c611cc11b1f3ba7e
SHA512

f82cb73dff9c64664a20fd25aea4abecd47c919fbe18d2ba89404ccbf1e974cf51889c26b9f32a9bfb459f3fa7a52d816bae4c6df9cf26db50c09e48bb0b81dd

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

n7ak

C2

http://www.kmresults.com/n7ak/

Decoy

modischoolcbse.com

theneverwinter.com

rszkjx-vps-hosting.website

fnihil.com

1pbet.com

nnowzscorrez.com

uaotgvjl.icu

starmapsqatar.com

ekisilani.com

extradeepsheets.com

jam-nins.com

buranly.com

orixentertainment.com

rawtech.energy

myol.guru

utex.club

jiapie.com

wowig.store

wweidlyyl.com

systaskautomation.com

Targets

- Target
  
  Factura de proforma pdf.exe
- Size
  
  1017KB
- MD5
  
  d5916f06d0a76a83e7c2c821d8c24f33
- SHA1
  
  90aa11268187928fe78454be1f63de41e6da3a90
- SHA256
  
  edcb4f8ebec3c0a7aa59ee179a97468c2fe8ef6ed05e9fcc402f34eb817eb4df
- SHA512
  
  12a97d48169f87fe7d6f27d6f620092178c4271fa6d049eb92e7166a6a302fec481629d88cf5dad0b970c0808edb1613b9e2581188c8d66ba864d3258ddec2a0
Score

10^/10

formbook n7ak persistence rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Adds Run key to start application

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2