formbook

General

Target

YENİ SİPARİŞ-CVEQ530334.exe
Size

448KB
Sample

221125-sn1y9sfg72
MD5

fbd18c65e9a0c3134b1097081c6dba05
SHA1

d1036152a495eb3eddb97b1aa67ac95033967101
SHA256

3c4e99d0feb74839f278b7bdebfb6ab682d7eaa07072439b08d197ae8abd9600
SHA512

34d7bac0c4f8277717938869ddd3f1dcd6b25ace152c5c7d34734eb766ef9a7f40c59b2a18ff3b61acb80c7e79e20b722257e5122e0121cc4c647fb097b0fce3
SSDEEP

12288:8KgDN3xG0EBB270P1LpGxVcI2WFPeBY0NsaG3:8DDN3zEA0v0PZeQa

Score

10^/10

Malware Config

Extracted

Family

formbook

Campaign

codp

Decoy

WLwbp9IgDF0DRbuq

oNQ7DHBzVHVMTxxxFCORk65Z5w==

eKyDm2P0S8i8tXrGSRxyN/GB+g==

DWLDupksnDvfKi7Q7PI=

JAaYbOFx1G0f4pcM36gDB3YaG796

KWQ71Z4U7+2Nv8K72OXED5M9oe8=

YJpvEHW5TU/wL02R9TiN0A==

tpQX78fPprFMi7ocSgXfUNYKpTq33Icp

a9Z0eju3FKFA/YBy+MQfG3QaG796

uQzt58fSssDUenxacQCY2g==

vijGzYPYOfi2gxZLhlbA

kZfzlQg7IGPxc29BJA==

dcQu+blQlxGyZu7qw5P4L6s=

TTIXAcXMr85yqqvxWBMqdrw=

xZb/tyGC8sOjIS7Q7PI=

KnzenvO+cXkVS3biKfRDwJ9Q5Q==

ZqZvDt9+yYxqh1Si

vZD8CtVZigY/cqnmLA==

QJy2dd/p0MO1Ji7Q7PI=

l+Hmoea3jsiAcqnmLA==

Targets

- Target
  
  YENİ SİPARİŞ-CVEQ530334.exe
- Size
  
  448KB
- MD5
  
  fbd18c65e9a0c3134b1097081c6dba05
- SHA1
  
  d1036152a495eb3eddb97b1aa67ac95033967101
- SHA256
  
  3c4e99d0feb74839f278b7bdebfb6ab682d7eaa07072439b08d197ae8abd9600
- SHA512
  
  34d7bac0c4f8277717938869ddd3f1dcd6b25ace152c5c7d34734eb766ef9a7f40c59b2a18ff3b61acb80c7e79e20b722257e5122e0121cc4c647fb097b0fce3
- SSDEEP
  
  12288:8KgDN3xG0EBB270P1LpGxVcI2WFPeBY0NsaG3:8DDN3zEA0v0PZeQa
Score

10^/10

formbook codp rat spyware stealer trojan
- Formbook
  Formbook is a data stealing malware which is capable of stealing data.
  trojan spyware stealer formbook
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1

T1112

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks

static1

behavioral1

behavioral2