Overview

overview

10

Static

static

winprofile

windows7-x64

10

winprofile

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a1726833b4611158dd46395d1418ecee62bcb51fe4cc800e71dc15b4fa5cdf81

  • Size

    592KB

  • Sample

    220829-d386vsagbj

  • MD5

    e8d8a01c427ddf0e5debe87b83d91eb1

  • SHA1

    047314f89a53f15a12524d9518d05daa97ad1aec

  • SHA256

    a1726833b4611158dd46395d1418ecee62bcb51fe4cc800e71dc15b4fa5cdf81

  • SHA512

    d2677306eaad79e3e25d3d269efc0487b0e179425c736a522a98d28385449263443363a3d4ce5299622e655a33c3705b8ec007e0d98ff0f95a854fb544c6eefd

  • SSDEEP

    12288:49hjF11R/5PM+/Sdowt0N1bYXV2frIbGI24pWm5Pau:UpPEdowt0N1mwTfv4pWm5Su

Score
10/10
formbookde08ratspywarestealertrojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

de08

Decoy

retirecloudyyard.com

fabiyan.xyz

chrisarlyde.com

selapex.com

vivalosgales.com

specialty-medicine.com

contasesolucoes.com

satunusanews.net

allyibc.com

alameda1876.com

artofdala.com

yukoidusp.xyz

steeldrumbandnearme.com

stonewedgetechnology.com

kentonai.com

macquarie-private.com

ddgwy.com

megagreenhousekits.com

descomplicaomarketing.com

inclusiverealtor.com

Targets

    • Target

      a1726833b4611158dd46395d1418ecee62bcb51fe4cc800e71dc15b4fa5cdf81

    • Size

      592KB

    • MD5

      e8d8a01c427ddf0e5debe87b83d91eb1

    • SHA1

      047314f89a53f15a12524d9518d05daa97ad1aec

    • SHA256

      a1726833b4611158dd46395d1418ecee62bcb51fe4cc800e71dc15b4fa5cdf81

    • SHA512

      d2677306eaad79e3e25d3d269efc0487b0e179425c736a522a98d28385449263443363a3d4ce5299622e655a33c3705b8ec007e0d98ff0f95a854fb544c6eefd

    • SSDEEP

      12288:49hjF11R/5PM+/Sdowt0N1bYXV2frIbGI24pWm5Pau:UpPEdowt0N1mwTfv4pWm5Su

    Score
    10/10
    formbookde08ratspywarestealertrojan

    • Formbook

      Formbook is a data stealing malware which is capable of stealing data.

      trojanspywarestealerformbook

    • Formbook payload

      rat

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Scheduled Task

1
T1053

Persistence

Scheduled Task

1
T1053

Privilege Escalation

Scheduled Task

1
T1053

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks