formbook | 6d3397c687aea5017b90a5e96adc6fbfb0429d56a8b2ead1f1d4273994952379 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6d3397c687aea5017b90a5e96adc6fbfb0429d56a8b2ead1f1d4273994952379
Size

72KB
Sample

221103-ejgsyagggp
MD5

6f53598b9c19b30a0cf3ff0432301708
SHA1

4bd8e67e468adfbfddd9e5a1e47fdf318bf9a31b
SHA256

6d3397c687aea5017b90a5e96adc6fbfb0429d56a8b2ead1f1d4273994952379
SHA512

e655648f950b90261fd2b54be1ebfee9780ff466351d1cc4b1a675c41329fc5eae62f20ccb9423d3ee4e3457c7a8ed63b14bc2e30f205a4512122301ce2d1541
SSDEEP

1536:7BKK5PX8Q01Hb20oJ0fekpamVGfhCW7j:lKSx0177ouekpamVGfhCW7j

Score

10^/10

formbook zx85 rat spyware stealer trojan

Malware Config

Extracted

Family

formbook

Version

4.1

Campaign

zx85

Decoy

myclassly.com

rilcon.xyz

miracleun.shop

gadgetward-usa.com

farmaacademy.com

dreamsolutions.group

fffood.online

ziggnl.site

cherpol.com

imprescriptible-tienoscope.biz

yztc.fun

chicagonftweek.com

zz0659.com

hznaixi.com

027-seo.net

korlekded.com

gelatoitaly.com

finlitguru.com

gupingapp.com

manmakecoffee.com

Targets

- Target
  
  6d3397c687aea5017b90a5e96adc6fbfb0429d56a8b2ead1f1d4273994952379
- Size
  
  72KB
- MD5
  
  6f53598b9c19b30a0cf3ff0432301708
- SHA1
  
  4bd8e67e468adfbfddd9e5a1e47fdf318bf9a31b
- SHA256
  
  6d3397c687aea5017b90a5e96adc6fbfb0429d56a8b2ead1f1d4273994952379
- SHA512
  
  e655648f950b90261fd2b54be1ebfee9780ff466351d1cc4b1a675c41329fc5eae62f20ccb9423d3ee4e3457c7a8ed63b14bc2e30f205a4512122301ce2d1541
- SSDEEP
  
  1536:7BKK5PX8Q01Hb20oJ0fekpamVGfhCW7j:lKSx0177ouekpamVGfhCW7j
Score

10^/10

formbook zx85 rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Formbook payload
  rat
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

formbookzx85ratspywarestealertrojan