formbook

General

Target

Order0081.exe
Size

451KB
Sample

211028-mkdrnscbb2
MD5

86a9969d606a6068365ab318aef2a428
SHA1

5db7505848578cd13044370c2f4285af7f9223e9
SHA256

eee3ae244d4b107caf97cc1fb723b1e20d233d9e8d73362ad1666175a7c1ef24
SHA512

76759526c915b889e4f23bbd960a8b278e2a6ed3ec1ba1321c58036a9bfaa1b47046f384165da9add84e357e8c21d6f3f1e337bcc9475f5f9922ff26d74031f8

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

dn7r

C2

http://www.yourherogarden.net/dn7r/

Decoy

eventphotographerdfw.com

thehalalcoinstaking.com

philipfaziofineart.com

intercoh.com

gaiaseyephotography.com

chatbotforrealestate.com

lovelancemg.com

marlieskasberger.com

elcongoenespanol.info

lepirecredit.com

distribution-concept.com

e99game.com

exit11festival.com

twodollartoothbrushclub.com

cocktailsandlawn.com

performimprove.network

24horas-telefono-11840.com

cosmossify.com

kellenleote.com

perovskite.energy

Targets

- Target
  
  Order0081.exe
- Size
  
  451KB
- MD5
  
  86a9969d606a6068365ab318aef2a428
- SHA1
  
  5db7505848578cd13044370c2f4285af7f9223e9
- SHA256
  
  eee3ae244d4b107caf97cc1fb723b1e20d233d9e8d73362ad1666175a7c1ef24
- SHA512
  
  76759526c915b889e4f23bbd960a8b278e2a6ed3ec1ba1321c58036a9bfaa1b47046f384165da9add84e357e8c21d6f3f1e337bcc9475f5f9922ff26d74031f8
Score

10^/10

formbook dn7r rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Deletes itself

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2