formbook

General

Target

c6e109c1ec31c940fa2cb4284750484b
Size

602KB
Sample

211216-l7yjxscecq
MD5

c6e109c1ec31c940fa2cb4284750484b
SHA1

4ae6b102f29b304d2a927752d7d6c8545bfc2e59
SHA256

53ffa55b36b2ab42fe178fbe282c42ddac520fd478c659fdbc559678a6c2263a
SHA512

1e8ef1ebbbad417a145780af8205707132d4c302d708f38d770b145165db015f5ea4cb16965cf5c19f84a7987697853a27cf329b461442a2b7f8bdc20e499ac5

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

og2w

Decoy

drivenexpress.info

pdfproxy.com

zyz999.top

oceanserver1.com

948289.com

nubilewoman.com

ibizadiamonds.com

bosniantv-australia.com

juliehutzell.com

poshesocial.events

icsrwk.xyz

nap-con.com

womansslippers.com

invictusfarm.com

search-panel-avg-rock.rest

desencriptar.com

imperialexoticreptiles.com

agastify.com

strinvstr.com

julianapeloi.com

Targets

- Target
  
  c6e109c1ec31c940fa2cb4284750484b
- Size
  
  602KB
- MD5
  
  c6e109c1ec31c940fa2cb4284750484b
- SHA1
  
  4ae6b102f29b304d2a927752d7d6c8545bfc2e59
- SHA256
  
  53ffa55b36b2ab42fe178fbe282c42ddac520fd478c659fdbc559678a6c2263a
- SHA512
  
  1e8ef1ebbbad417a145780af8205707132d4c302d708f38d770b145165db015f5ea4cb16965cf5c19f84a7987697853a27cf329b461442a2b7f8bdc20e499ac5
Score

10^/10

formbook og2w rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2