formbook

General

Target

Order draft1.exe
Size

348KB
Sample

211122-rx1t7aagc4
MD5

87a9c5769d732656ff646ca572825673
SHA1

fee45216d2ff3209fd063eb4a66f68aa1ff924ba
SHA256

205b9f0fc3a5d54104e7523586c4c548e8e728d74887f1f87e681fc98f6faa0a
SHA512

93ff74af7c4000ceb5e9024ba12d0b16d12604cca88726ccd16878f7d33f009e2a5a4f088445801ea5f01b7d2c46f9b2b47e4c36036fcdaab4ee82ca2e91bd50

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

dn7r

C2

http://www.yourherogarden.net/dn7r/

Decoy

eventphotographerdfw.com

thehalalcoinstaking.com

philipfaziofineart.com

intercoh.com

gaiaseyephotography.com

chatbotforrealestate.com

lovelancemg.com

marlieskasberger.com

elcongoenespanol.info

lepirecredit.com

distribution-concept.com

e99game.com

exit11festival.com

twodollartoothbrushclub.com

cocktailsandlawn.com

performimprove.network

24horas-telefono-11840.com

cosmossify.com

kellenleote.com

perovskite.energy

Targets

- Target
  
  Order draft1.exe
- Size
  
  348KB
- MD5
  
  87a9c5769d732656ff646ca572825673
- SHA1
  
  fee45216d2ff3209fd063eb4a66f68aa1ff924ba
- SHA256
  
  205b9f0fc3a5d54104e7523586c4c548e8e728d74887f1f87e681fc98f6faa0a
- SHA512
  
  93ff74af7c4000ceb5e9024ba12d0b16d12604cca88726ccd16878f7d33f009e2a5a4f088445801ea5f01b7d2c46f9b2b47e4c36036fcdaab4ee82ca2e91bd50
Score

10^/10

formbook dn7r rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Deletes itself

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2