formbook

General

Target

SCAN-PQ Documents Submission QTN.rar
Size

399KB
Sample

211126-vn8efsghc5
MD5

76e8ca763faf56e57b003c518679b995
SHA1

2be43aeb682fa60e1df9b7f39904b8956f2d588b
SHA256

f11adebf3b695be80e5897aa4c966f675c4a842adaeb0d1e73b0b40e0499dc09
SHA512

bb548efca372b343288f021e203afb0e207d5734be9f28ea98ac8a31084c7dcc33b2150662d9a70ccd4f698a37d693981b29169836c4af0144168131a2bf0ee3

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

vngb

C2

http://www.gvlc0.club/vngb/

Decoy

omertalasvegas.com

payyep.com

modasportss.com

gestionestrategicadl.com

teamolemiss.club

geektranslate.com

versatileventure.com

athletic-hub.com

vitanovaretreats.com

padison8t.com

tutoeasy.com

ediblewholesale.com

kangrungao.com

satode.com

prohibitionfeeds.com

getmorevacations.com

blinkworldbeauty.com

kdlabsallr.com

almanasef.com

transportationservicellc.com

Targets

- Target
  
  SCAN-PQ Documents Submission QTN.exe
- Size
  
  529KB
- MD5
  
  58c6b4766aa1fcb524dd6ffdca90d9bd
- SHA1
  
  4f9274cf7add2cd1dee1946924de35844da66b34
- SHA256
  
  880c25114e60049a5737089e2b4773990c574706ba555cf3d5ab9306e49a5fc1
- SHA512
  
  236f64eef4872e68ab19ab8251d904effd1a62bf62048b4110c0bbbf0cac29183d2acb14018e669fbb3ad314acf088f5170f9128d166416fefd00b36c375d30c
Score

10^/10

formbook vngb rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Deletes itself
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Deletes itself

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2