formbook

General

Target

notificación bancaria SWift.exe.xz
Size

344KB
Sample

211115-nnl3wsaac4
MD5

43830ac2dd3d41e4adcbf9af223cc0d6
SHA1

e3d009d1908cee2597608f12e2fc5ace48b61bad
SHA256

8d31e522102744c714db644fd0572e337f6a69e72f3c3a4bb0deab211e9a12df
SHA512

bc8691581aabea233dabff9bdc0eb974cc35c545b85668a9958a7a5043df242060fc17dd5a6ba69cdeb189def51dabb0df4df972576598aee8c8d4280b969621

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

n7ak

C2

http://www.kmresults.com/n7ak/

Decoy

modischoolcbse.com

theneverwinter.com

rszkjx-vps-hosting.website

fnihil.com

1pbet.com

nnowzscorrez.com

uaotgvjl.icu

starmapsqatar.com

ekisilani.com

extradeepsheets.com

jam-nins.com

buranly.com

orixentertainment.com

rawtech.energy

myol.guru

utex.club

jiapie.com

wowig.store

wweidlyyl.com

systaskautomation.com

Targets

- Target
  
  notificación bancaria SWift.exe
- Size
  
  746KB
- MD5
  
  d430635d87107798fee74e8febaf9a67
- SHA1
  
  99834cd2b98a352ceded62313e62fa368bd18a54
- SHA256
  
  184334a7b2fe95a80e82f4e3fa74b3484df670fe8c08b99357ba2dcbbfece475
- SHA512
  
  b6f8ffd76c612691f937f430ee2c8a13d436708b7db20b7e8b4c29e0143a6b324870bc0f232c618839e21abd863d6fde6229a62979d78f07470cdefa8e7b6e7a
Score

10^/10

formbook n7ak persistence rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Adds Run key to start application
  persistence
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1

T1060

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Adds Run key to start application

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2