formbook

General

Target

2ac4bd152798cb51c064d2405d309dd0d6245191f6f4c0124573680e90d3156c
Size

736KB
Sample

220615-e3gx2schej
MD5

6d6f2944045c743389aa32561c87f9c9
SHA1

2cf525459a1efe4a043b19d6db31ed2f74c25f1b
SHA256

2ac4bd152798cb51c064d2405d309dd0d6245191f6f4c0124573680e90d3156c
SHA512

0768a78b4352c698bff46c9f8a159a4be085d7ce747fd46717734312be7cf9778eb1fecebfbd71e29f3636e76f84d23731f9efd3f9e045e88be2eebc4db6db4b

Score

10^/10

formbook sh rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

3.8

Campaign

sh

Decoy

westoffice.net

open-sgi.info

night-club.online

tv17404.info

0472game.com

haberlerim.net

my-web.net

360almeria.com

healthyair.cymru

anxietysupresant.info

domainprodssl1309test.com

tolgakorkmaz.com

laklapos.com

4y978g.info

entitydatabase.info

jese52.party

redstarnepal.com

internationaldrugdiscovery.com

crafting.solutions

lecodedumariage.com

Targets

- Target
  
  2ac4bd152798cb51c064d2405d309dd0d6245191f6f4c0124573680e90d3156c
- Size
  
  736KB
- MD5
  
  6d6f2944045c743389aa32561c87f9c9
- SHA1
  
  2cf525459a1efe4a043b19d6db31ed2f74c25f1b
- SHA256
  
  2ac4bd152798cb51c064d2405d309dd0d6245191f6f4c0124573680e90d3156c
- SHA512
  
  0768a78b4352c698bff46c9f8a159a4be085d7ce747fd46717734312be7cf9778eb1fecebfbd71e29f3636e76f84d23731f9efd3f9e045e88be2eebc4db6db4b
Score

10^/10

formbook sh rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook Payload
  rat
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Formbook Payload

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2