formbook

General

Target

f8debe5896816bcd423808995957a655
Size

247KB
Sample

220126-rr18rsecb4
MD5

f8debe5896816bcd423808995957a655
SHA1

9415bcf1caba627ee0a8c757eb621716bf3689a7
SHA256

1dbc3cfe6ec8d60d09a82351d49935068b5e8b94d1ce7de9f83fe3f990e9c69b
SHA512

32c79ce4a2c1e86ee3e0efaa943b65dd3447a0ccd69433d915075541cab88da1fab4742ef8c2d25d65ba418ee8cac7bfc2f80bcecf1adabf85d058b229bb4d0c

Score

10^/10

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

h4d0

Decoy

onlinefinejewelry.com

samstringermusic.com

beam-lettings.info

optimumcoin.xyz

fasa.xyz

creativedime.com

eihncuz.online

griffin2008.top

europcarlive.com

jxhcar.com

museumsshop.international

bonolaboral-lnterbank.com

kelebandis.xyz

hiddenlakeranch.net

carelessyouth.com

jfkilfoil.store

potok-it-ua.site

magdulemediation.com

shakadal.xyz

coastconstructionfl.com

Targets

- Target
  
  f8debe5896816bcd423808995957a655
- Size
  
  247KB
- MD5
  
  f8debe5896816bcd423808995957a655
- SHA1
  
  9415bcf1caba627ee0a8c757eb621716bf3689a7
- SHA256
  
  1dbc3cfe6ec8d60d09a82351d49935068b5e8b94d1ce7de9f83fe3f990e9c69b
- SHA512
  
  32c79ce4a2c1e86ee3e0efaa943b65dd3447a0ccd69433d915075541cab88da1fab4742ef8c2d25d65ba418ee8cac7bfc2f80bcecf1adabf85d058b229bb4d0c
Score

10^/10

formbook h4d0 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
- Loads dropped DLL
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

Loads dropped DLL

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Tasks

static1

behavioral1

behavioral2